need help removing a trojan dropper generic 28/svchost.exe*32 [Solved]



#1
zoonars

  • Member
  • 17 posts
AVG constantly alerts of generic trojan dropper, Malwarebytes keeps blocking access to potentially malicious websites, and a svchost.exe*32 process is using up to 80% of my CPU and memory. I have tried some tutorials without success... please help!

#2
zoonars

I also downloaded OTL and ComboFix, b/c I read about a post and figured it would help me.

#3
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Hi, first I will need to see the OTL log to determine the variant.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan, click save log, save it to your desktop and post it in your next reply.

#4
zoonars

So I paste the script and then click quick run?

#5
zoonars

What is the first thing I should do? I'm a bit confused about your instruction.

#6
Essexboy

Paste the script into the indicated box and press scan. Once that has done and the log is produced, then run aswMBR.

#7
zoonars

Press quick scan? Or the normal scan?

#8
Essexboy

Quick scan please

#9
zoonars

This is the OTL text file

OTL logfile created on: 8/9/2012 11:46:30 AM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\VOVA\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.08 Mb Total Physical Memory | 84.61 Mb Available Physical Memory | 16.59% Memory free
1.49 Gb Paging File | 1.01 Gb Available in Paging File | 67.83% Paging File free
Paging file location(s): C:\pagefile.sys 1050 1050 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 37.31 Gb Free Space | 50.09% Space Free | Partition Type: NTFS

Computer Name: PAKETA | User Name: VOVA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 11:22:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VOVA\Desktop\OTL.exe
PRC - [2012/07/27 22:29:24 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/04/30 13:23:00 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ASUSKBService.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/27 22:29:09 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/08/02 18:13:22 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 22:29:22 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/06/14 13:10:46 | 000,361,472 | ---- | M] (Alcatel-Lucent) [Disabled | Stopped] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012/06/14 13:09:08 | 000,342,016 | ---- | M] (Alcatel-Lucent) [Disabled | Stopped] -- C:\Program Files\Common Files\Motive\pcServiceHost.exe -- (pcServiceHost)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/12/16 04:32:36 | 004,230,144 | ---- | M] (Native Instruments GmbH) [Disabled | Stopped] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010/07/27 04:47:14 | 000,315,392 | ---- | M] (Alcatel-Lucent) [Auto | Stopped] -- C:\Program Files\Common Files\Motive\McciServiceHost.exe -- (McciServiceHost)
SRV - [2004/04/30 13:23:00 | 000,090,112 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ASUSKBService.exe -- (ASUSKeyboardService)
SRV - [2004/01/05 02:27:32 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/05/19 18:07:38 | 000,086,016 | ---- | M] (Yahoo! Inc.) [On_Demand | Stopped] -- C:\WINDOWS\system32\YPcservice.exe -- (YPCService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Video3D.sys -- (Video3D)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\uti2nzy4.sys -- (uti2nzy4)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbgps.sys -- (UsbGps)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvuvc.sys -- (LVUVC)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LVUSBSta.sys -- (LVUSBSta)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvrs.sys -- (LVRS)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ks2usb.sys -- (ks2usb_svc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ks2avs.sys -- (ks2avs)
DRV - File not found [Kernel | Boot | Unknown] -- -- (IPVNMon)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lvuvcflt.sys -- (FilterService)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\VOVA\LOCALS~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/06/14 13:09:16 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2012/06/14 13:09:12 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/10/26 12:10:00 | 000,025,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wnsdrvr.sys -- (WnsDrvr)
DRV - [2011/10/26 11:57:02 | 000,458,752 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2011/03/05 11:54:58 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/03/05 11:49:54 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/02/08 00:44:40 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/10/26 14:44:49 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\06999867.sys -- (is-CQL5Adrv)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/05/02 13:38:42 | 000,110,720 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mr97310c.sys -- (MR97310_USB_DUAL_CAMERA)
DRV - [2006/02/21 20:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/11/24 20:51:38 | 000,245,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/06/07 14:21:18 | 000,541,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\phc700.sys -- (phc700)
DRV - [2005/02/01 19:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/09/17 12:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/12 09:02:46 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/12 09:02:46 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/05/26 09:08:00 | 000,007,296 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2004/03/02 19:42:30 | 000,020,992 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\asuskbnt.sys -- (asuskbnt)
DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [2001/08/22 10:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:PA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C2 35 82 AE 22 9C CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E}: "URL" = http://www.zumie.com...s={searchTerms}
IE - HKCU\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\..\SearchScopes\Yahoo!: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888; https=127.0.0.1:8888

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.selectedengine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://go.microsoft..../?LinkId=69157"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo....type=382950&p="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: \NGM\npNxGameUS.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/01 17:49:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/27 22:29:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/07 16:42:14 | 000,000,000 | ---D | M]

[2010/01/04 11:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\VOVA\Application Data\Mozilla\Extensions
[2010/01/04 11:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\VOVA\Application Data\Mozilla\Extensions\[email protected]
[2012/07/24 20:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\VOVA\Application Data\Mozilla\Firefox\Profiles\gsbyavct.default\extensions
[2012/03/18 10:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2004/08/12 09:02:43 | 000,004,819 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\VOVA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\GSBYAVCT.DEFAULT\EXTENSIONS\[email protected]
[2012/02/18 17:57:43 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/07/27 22:29:25 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/19 16:26:42 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2008/06/18 01:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2012/02/18 17:57:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/01 11:02:18 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/07/15 16:49:08 | 000,001,949 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml
[2012/06/17 22:18:49 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/01 11:02:19 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/05/01 11:02:20 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/06/17 22:18:49 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2011/05/01 11:02:21 | 000,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\VOVA\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\VOVA\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\VOVA\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: E-centives Coupon Activator Netscape Plugin v. 4.0.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\VOVA\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\VOVA\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = \NGM\npNxGameUS.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2012/08/09 11:25:01 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {c07cb094-8d3c-41e8-9358-8cb1b3f1ae48} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRealMode = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1344305711578 (WUWebControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D11C2CD-FEFF-47A7-AF9C-2BFD3D7191C3}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\VOVA\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\VOVA\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/19 16:14:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 11:24:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/09 11:23:17 | 000,646,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\VOVA\Desktop\OTS.exe
[2012/08/09 11:22:44 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\VOVA\Desktop\OTL.exe
[2012/08/09 11:17:15 | 004,728,003 | ---- | C] (Swearware) -- C:\Documents and Settings\VOVA\Desktop\ComboFix.exe
[2012/08/09 10:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/08/03 19:53:11 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/08/01 17:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VOVA\Application Data\AVG2012
[2012/08/01 17:51:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/08/01 17:48:36 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/08/01 17:48:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012/08/01 17:28:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/08/01 17:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/08/01 17:25:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/08/01 17:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/07/31 14:39:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/07/20 12:06:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{45A5DECC-D6B1-4364-8030-F693CF272758}
[2012/07/20 12:03:29 | 012,080,144 | ---- | C] (Native Instruments ) -- C:\Documents and Settings\VOVA\Desktop\Traktor Kontrol S2 Driver Setup PC.exe
[2012/07/11 11:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VOVA\Local Settings\Application Data\Motive
[2009/08/20 10:18:32 | 000,092,064 | ---- | C] (MCCI) -- C:\Documents and Settings\VOVA\mqdmmdm.sys
[2009/08/20 10:18:32 | 000,079,328 | ---- | C] (MCCI) -- C:\Documents and Settings\VOVA\mqdmserd.sys
[2009/08/20 10:18:32 | 000,066,656 | ---- | C] (MCCI) -- C:\Documents and Settings\VOVA\mqdmbus.sys
[2009/08/20 10:18:32 | 000,009,232 | ---- | C] (MCCI) -- C:\Documents and Settings\VOVA\mqdmmdfl.sys
[2009/08/20 10:18:32 | 000,006,208 | ---- | C] (MCCI) -- C:\Documents and Settings\VOVA\mqdmcmnt.sys
[2009/08/20 10:18:32 | 000,005,936 | ---- | C] (MCCI) -- C:\Documents and Settings\VOVA\mqdmwhnt.sys
[2009/08/20 10:18:32 | 000,004,048 | ---- | C] (MCCI) -- C:\Documents and Settings\VOVA\mqdmcr.sys
[2008/10/26 14:44:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\VOVA\usbsermptxp.sys
[2008/10/26 14:44:49 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\VOVA\usbsermpt.sys

========== Files - Modified Within 30 Days ==========

[2012/08/09 12:00:02 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/08/09 11:42:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/09 11:41:07 | 2745,903,136 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012/08/09 11:41:07 | 032,177,876 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012/08/09 11:25:01 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/08/09 11:23:27 | 000,646,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VOVA\Desktop\OTS.exe
[2012/08/09 11:22:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VOVA\Desktop\OTL.exe
[2012/08/09 11:19:47 | 004,728,003 | ---- | M] (Swearware) -- C:\Documents and Settings\VOVA\Desktop\ComboFix.exe
[2012/08/09 11:11:55 | 103,289,042 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/08/09 11:10:18 | 000,532,100 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/08/09 11:10:17 | 000,098,902 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/08/08 16:08:25 | 000,004,635 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/08/07 20:11:09 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\VOVA\Desktop\Mozilla Firefox.lnk
[2012/08/06 18:42:51 | 000,031,809 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/08/02 21:26:46 | 000,002,523 | ---- | M] () -- C:\Documents and Settings\VOVA\Desktop\Microsoft Office Word 2007 (2).lnk
[2012/08/02 21:26:34 | 000,878,908 | ---- | M] () -- C:\Documents and Settings\VOVA\Desktop\full bike pic.PNG
[2012/08/01 19:39:12 | 000,027,520 | ---- | M] () -- C:\Documents and Settings\VOVA\Local Settings\Application Data\dt.dat
[2012/08/01 17:51:09 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/08/01 16:58:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/01 16:44:01 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/08/01 14:37:38 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2012/07/31 18:11:55 | 000,000,019 | ---- | M] () -- C:\Documents and Settings\VOVA\Desktop\ram.vbs
[2012/07/29 21:47:28 | 000,097,115 | ---- | M] () -- C:\Documents and Settings\VOVA\Desktop\IMG951293.jpg
[2012/07/26 21:19:30 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2012/07/20 22:51:37 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\VOVA\jagex_cl_runescape_LIVE.dat
[2012/07/20 21:10:35 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/20 21:00:11 | 000,001,479 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2012/07/20 12:03:30 | 012,080,144 | ---- | M] (Native Instruments ) -- C:\Documents and Settings\VOVA\Desktop\Traktor Kontrol S2 Driver Setup PC.exe
[2012/07/20 11:52:17 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/07/16 11:16:54 | 000,297,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/11 10:54:27 | 000,001,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AT&T Troubleshoot & Resolve Tool.lnk

========== Files Created - No Company Name ==========

[2012/08/09 11:11:55 | 103,289,042 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/08/07 20:11:09 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\VOVA\Desktop\Mozilla Firefox.lnk
[2012/08/06 18:42:51 | 000,031,809 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/08/01 19:39:12 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\VOVA\Local Settings\Application Data\dt.dat
[2012/08/01 17:51:09 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/07/31 19:38:31 | 000,878,908 | ---- | C] () -- C:\Documents and Settings\VOVA\Desktop\full bike pic.PNG
[2012/07/31 18:11:55 | 000,000,019 | ---- | C] () -- C:\Documents and Settings\VOVA\Desktop\ram.vbs
[2012/07/29 23:14:30 | 000,097,115 | ---- | C] () -- C:\Documents and Settings\VOVA\Desktop\IMG951293.jpg
[2012/07/16 10:38:47 | 000,004,635 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/06/27 19:27:47 | 000,297,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/12 16:17:35 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Ambient
[2012/05/12 16:17:35 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Applause and Laugher
[2012/05/12 14:54:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\laserjet
[2012/02/14 16:35:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/09 18:27:40 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\hlvdd.dll
[2011/10/25 21:24:07 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\VOVA\jagex_cl_runescape_LIVE.dat
[2011/06/13 22:49:37 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011/06/13 22:49:37 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2011/04/26 17:21:47 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\VOVA\cache.dat
[2011/03/20 22:13:28 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011/03/02 11:15:19 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2011/01/31 12:15:10 | 000,565,248 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2011/01/31 11:31:25 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2011/01/31 11:31:25 | 000,029,567 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2011/01/24 10:18:05 | 000,000,004 | ---- | C] () -- C:\Program Files\94921.dat
[2010/11/28 11:23:23 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\VOVA\Application Data\ArbiAuth.ini
[2010/10/23 10:09:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/17 23:01:01 | 000,541,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\phc700.sys
[2010/10/17 23:01:01 | 000,015,488 | ---- | C] () -- C:\WINDOWS\phc700.ini
[2010/10/03 09:59:11 | 000,065,808 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/24 21:38:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\VOVA\Local Settings\Application Data\prvlcl.dat
[2010/04/08 23:17:34 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\VOVA\Application Data\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
[2010/03/25 20:17:36 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\VOVA\jagex__preferences3.dat
[2010/01/06 00:08:08 | 000,005,052 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik
[2009/12/26 11:44:12 | 000,000,709 | ---- | C] () -- C:\Documents and Settings\VOVA\CommandDispatchers.xml
[2009/12/26 11:44:11 | 000,001,360 | ---- | C] () -- C:\Documents and Settings\VOVA\cleaner-config.xml
[2009/10/02 20:31:14 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\VOVA\jagex_runescape_preferences2.dat
[2009/08/20 10:18:32 | 000,009,913 | ---- | C] () -- C:\Documents and Settings\VOVA\MCCI_MDM.INF
[2009/08/20 10:18:32 | 000,006,989 | ---- | C] () -- C:\Documents and Settings\VOVA\MCCI_BUS.INF
[2009/08/20 10:18:32 | 000,004,477 | ---- | C] () -- C:\Documents and Settings\VOVA\MCCI_SDM.INF
[2009/08/20 10:18:26 | 000,070,690 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem37.PNF
[2009/08/20 10:18:26 | 000,054,341 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem37.inf
[2009/08/20 10:18:26 | 000,015,682 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem36.PNF
[2009/08/20 10:18:26 | 000,013,998 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem14.PNF
[2009/08/20 10:18:26 | 000,012,820 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem15.PNF
[2009/08/20 10:18:26 | 000,012,682 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem16.PNF
[2009/08/20 10:18:26 | 000,012,348 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem25.PNF
[2009/08/20 10:18:26 | 000,009,232 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem36.inf
[2009/08/20 10:18:26 | 000,006,947 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781506-(null)
[2009/08/20 10:18:26 | 000,006,009 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem16.inf
[2009/08/20 10:18:26 | 000,005,877 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem15.inf
[2009/08/20 10:18:26 | 000,005,813 | ---- | C] () -- C:\Documents and Settings\VOVA\Copy of oem25.inf
[2009/08/20 10:16:57 | 000,009,232 | ---- | C] () -- C:\Documents and Settings\VOVA\USB_MOT_BRIT.INF
[2009/08/20 10:16:57 | 000,005,960 | ---- | C] () -- C:\Documents and Settings\VOVA\USB_MOT_A1000.INF
[2009/08/20 10:16:55 | 000,070,690 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781415-oem25.PNF
[2009/08/20 10:16:55 | 000,054,341 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781415-oem25.inf
[2009/08/20 10:16:55 | 000,012,546 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781415-oem16.PNF
[2009/08/20 10:16:55 | 000,005,891 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781415-oem16.inf
[2009/08/20 10:16:54 | 000,014,294 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781414-oem14.PNF
[2009/08/20 10:16:54 | 000,012,820 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781414-oem15.PNF
[2009/08/20 10:16:54 | 000,007,195 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781414-oem14.inf
[2009/08/20 10:16:54 | 000,005,877 | ---- | C] () -- C:\Documents and Settings\VOVA\1250781414-oem15.inf
[2009/03/27 10:13:08 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\VOVA\jagex_runescape_preferences.dat
[2009/01/19 02:19:52 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\VOVA\Application Data\$_hpcst$.hpc
[2008/12/07 17:50:09 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\VOVA\Application Data\Action
[2008/12/07 17:50:09 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2008/11/20 16:19:00 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\VOVA\Local Settings\Application Data\Apple.rar
[2008/10/26 15:11:02 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\VOVA\Local Settings\Application Data\fusioncache.dat
[2008/10/26 14:44:49 | 000,007,201 | ---- | C] () -- C:\Documents and Settings\VOVA\USBMOT2000.INF
[2008/10/26 14:44:49 | 000,006,141 | ---- | C] () -- C:\Documents and Settings\VOVA\USBMOT2000XP.INF
[2008/10/26 14:44:49 | 000,005,880 | ---- | C] () -- C:\Documents and Settings\VOVA\USB_CMCS_2000.INF
[2008/10/25 14:26:56 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\VOVA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2011/12/13 08:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2011/01/30 11:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/12/11 01:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ashampoo
[2012/08/09 10:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/08/08 16:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2012/08/01 17:25:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/02/16 23:45:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2008/12/07 17:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2010/02/27 14:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2010/12/22 10:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeApp
[2010/12/22 10:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/06/13 23:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
[2012/08/09 11:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/11/07 02:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2012/06/10 22:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2012/05/12 16:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2010/07/19 00:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\page
[2009/01/18 23:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/03/17 16:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2011/07/12 12:14:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2011/02/07 11:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2011/02/12 20:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SwiftKit
[2011/07/07 09:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/12/07 17:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2010/07/09 23:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Visual Networks
[2011/01/27 01:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Weskysoft
[2012/06/10 22:56:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{19FCAF8F-7B79-4E2C-8780-29F42A1EC9CA}
[2010/07/05 16:26:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/07/20 12:06:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{45A5DECC-D6B1-4364-8030-F693CF272758}
[2009/04/15 19:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/01/15 21:27:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
[2012/06/10 22:42:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
[2012/06/10 22:43:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A2A4D724-2D08-46E4-BAA8-EC9EE875D133}
[2011/12/13 08:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Ableton
[2012/08/01 17:56:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\AVG2012
[2011/10/22 11:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Charles
[2011/03/05 11:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\DAEMON Tools Lite
[2012/04/27 16:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\DAEMON Tools Pro
[2010/12/02 18:31:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\DVDVideoSoftIEHelpers
[2010/08/19 16:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\E-centives
[2011/07/16 13:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Easeware
[2011/02/16 11:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\FCSB000062035
[2008/12/12 19:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\FDRLab
[2010/05/15 13:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\GetRightToGo
[2009/01/19 01:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\iGO
[2010/12/26 14:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\IObit
[2009/12/04 20:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Leadertech
[2009/11/07 01:58:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\MyHeritage
[2012/01/08 21:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Nikon
[2009/09/02 21:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\OpenOffice.org
[2011/09/14 09:52:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\pchc
[2011/07/12 12:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Propellerhead Software
[2008/10/19 23:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Ringtone
[2008/12/12 20:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Simply Super Software
[2008/12/17 15:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\SlipStream
[2012/06/11 01:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\SoundTaste Audio Converter
[2011/05/04 21:21:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\TeamViewer
[2008/12/12 20:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Thinstall
[2009/12/25 15:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Uniblue
[2010/06/26 22:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Unity
[2008/12/31 19:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\URSoft
[2012/04/27 16:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\uTorrent
[2011/02/16 11:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\WeatherBug
[2009/08/03 21:42:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Windows Desktop Search
[2009/08/03 21:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VOVA\Application Data\Windows Search

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/05/13 18:33:19 | 000,000,000 | ---D | M](C:\Documents and Settings\VOVA\My Documents\????????????) -- C:\Documents and Settings\VOVA\My Documents\Завантаження
[2011/06/12 20:43:38 | 000,000,000 | ---D | C](C:\Documents and Settings\VOVA\My Documents\????????????) -- C:\Documents and Settings\VOVA\My Documents\Завантаження

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\svchost.exe:SummaryInformation
@Alternate Data Stream - 251 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

#10
zoonars

OTL Extras logfile created on: 8/9/2012 7:27:20 PM - Run 1

OTL by OldTimer - Version 3.2.56.0     Folder = C:\Documents and Settings\VOVA\My Documents\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

510.08 Mb Total Physical Memory | 200.85 Mb Available Physical Memory | 39.38% Memory free

1.49 Gb Paging File | 1.02 Gb Available in Paging File | 68.03% Paging File free

Paging file location(s): C:\pagefile.sys 1050 1050 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 74.50 Gb Total Space | 37.06 Gb Free Space | 49.75% Space Free | Partition Type: NTFS

 

Computer Name: PAKETA | User Name: VOVA | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

.reg [@ = regfile] -- regedit.exe "%1"

 

[HKEY_USERS\S-1-5-21-1409082233-1060284298-839522115-1004\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- winhlp32.exe %1

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- Reg Error: Value error.

https [open] -- Reg Error: Value error.

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

InternetShortcut [print] -- rundll32.exe C:\WINDOWS\system32\mshtml.dll,PrintHTML "%1"

piffile [open] -- "%1" %*

regfile [open] -- regedit.exe "%1"

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- Reg Error: Key error.

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management 

"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) 

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)

"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager

"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)

"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool -- (Microsoft Corporation)

"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)

"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)

"C:\Program Files\Common Files\Motive\McciServiceHost.exe" = C:\Program Files\Common Files\Motive\McciServiceHost.exe:*:Enabled:McciServiceHost -- (Alcatel-Lucent)

"C:\Documents and Settings\VOVA\My Documents\Downloads\utorrent.exe" = C:\Documents and Settings\VOVA\My Documents\Downloads\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Program Files\Common Files\Motive\pcServiceHost.exe" = C:\Program Files\Common Files\Motive\pcServiceHost.exe:*:Enabled:pcServiceHost -- (Alcatel-Lucent)

"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Disabled:??????????? AVG 2012 -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Disabled:???????????? ?????? ??????????? ????? -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Disabled:????????? ????????? AVG -- (AVG Technologies CZ, s.r.o.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center

"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client

"{0FABD3D7-3036-4e78-B29D-58957ADB0A12}" = HP PSC & OfficeJet 3.5

"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader

"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes

"{24C8FBF7-26C6-48ca-834B-A4E5C09E362F}" = AiO_Scan

"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31

"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0

"{300D9EF4-2721-4cb4-A6C3-FB2337CFEA2D}" = AIOMinimal

"{31228E31-2BFF-11D2-8866-00805F0D9D40}" = QPST

"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver

"{32A3A4F4-B792-11D6-A78A-00B0D0160220}" = Java(TM) SE Development Kit 6 Update 22

"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D8003CE-E3CD-49b7-A59E-9C21546AF95E}" = Native Instruments Traktor Kontrol S2 Driver

"{44B3522B-195C-488D-84AC-9526FA99CB73}" = Motorola Handset USB Driver

"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client UK-UA Language Pack

"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{62F79C52-E264-44ab-ABC2-7BEA2962C70D}" = 5500Trb

"{63F2408D-A675-4d97-A256-70EACB6B9B4A}" = AiOSoftware

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012

"{6D4E56A1-22EE-44d8-BD14-7B9FB7F80D1B}" = 5500_Help

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{73C23496-A105-4b6f-B8F0-22523DFE4E4E}" = 5500

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{7B8BA496-E201-4246-9A8B-687B49145F53}" = IObit Toolbar v4.1

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 12

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5

"{AF226123-1A6F-4ec1-8DEF-E35E7A0D0127}" = Fax

"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{BBD94C23-00A2-4F51-8D42-C124126A95FC}" = Microsoft Antimalware Service UK-UA Language Pack

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C70BF2F2-2B54-4303-ABE6-82A20038A2EA}" = SPC 700NC PC Camera

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CDBFDD5B-50E0-4021-94AF-516B80509ABE}" = 5500Tour

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD

"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"Ad-Aware SE Personal" = Ad-Aware SE Personal

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"All ATI Software" = ATI - Software Uninstall Utility

"ATI Display Driver" = ATI Display Driver

"ATT-SST" = AT&T Troubleshoot & Resolve Tool

"AVG" = AVG 2012

"BroadJump Client Foundation" = BroadJump Client Foundation

"CCleaner" = CCleaner

"Coupon Printer for Windows4.0" = Coupon Printer for Windows

"DAEMON Tools Pro" = DAEMON Tools Pro

"DVD2one V2" = DVD2one V2.3.1

"ENTERPRISE" = Microsoft Office Enterprise 2007

"FileLocator Lite_is1" = FileLocator Lite 2010

"FreeApp v1" = FreeApps

"Game Booster_is1" = Game Booster

"hp officejet 5500 series_Driver" = hp officejet 5500 series

"HP Photo & Imaging" = HP Image Zone 3.5

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"InstallShield_{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.1 (Full)

"Live 8.1.1" = Live 8.1.1

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Mozilla ActiveX Control v1.7.12" = Mozilla ActiveX Control v1.7.12

"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"mr97310c_79b33283ba293e6c94e125bce27e0ecded0a2591" = Windows Driver Package - Camera Maker (MR97310_USB_DUAL_CAMERA) Image 05/02/2006 2.0.1.0

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"MSNINST" = MSN

"Native Instruments Controller Editor" = Native Instruments Controller Editor

"Native Instruments Massive" = Native Instruments Massive

"Native Instruments Service Center" = Native Instruments Service Center

"Native Instruments Traktor 2" = Native Instruments Traktor 2

"Native Instruments Traktor Kontrol S2 Driver" = Native Instruments Traktor Kontrol S2 Driver

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PROSet" = Intel(R) PRO Network Connections Drivers

"SoundTaste Audio Converter_is1" = SoundTaste Audio Converter 6.2.1

"uTorrent" = µTorrent

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR archiver

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"RegAlive" = RegAlive

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"RegAlive" = RegAlive

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1409082233-1060284298-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 8/9/2012 11:56:24 AM | Computer Name = PAKETA | Source = SecurityCenter | ID = 1802

Description = The Windows Security Center Service was unable to establish event 

queries with WMI to monitor third party AntiVirus and Firewall.

 

Error - 8/9/2012 12:43:19 PM | Computer Name = PAKETA | Source = SecurityCenter | ID = 1802

Description = The Windows Security Center Service was unable to establish event 

queries with WMI to monitor third party AntiVirus and Firewall.

 

Error - 8/9/2012 1:21:22 PM | Computer Name = PAKETA | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

 with error: A required certificate is not within its validity period when verifying

 against the current system clock or the timestamp in the signed file.  

 

Error - 8/9/2012 1:21:22 PM | Computer Name = PAKETA | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

 with error: A required certificate is not within its validity period when verifying

 against the current system clock or the timestamp in the signed file.  

 

Error - 8/9/2012 1:21:22 PM | Computer Name = PAKETA | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

 with error: A required certificate is not within its validity period when verifying

 against the current system clock or the timestamp in the signed file.  

 

Error - 8/9/2012 2:25:02 PM | Computer Name = PAKETA | Source = EventSystem | ID = 4609

Description = The COM+ Event System detected a bad return code during its internal

 processing.  HRESULT was 80070005 from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.

  Please contact Microsoft Product Support Services to report this erro

 

Error - 8/9/2012 2:25:02 PM | Computer Name = PAKETA | Source = VSS | ID = 8193

Description = Volume Shadow Copy Service error: Unexpected error calling routine

 CoCreateInstance.  hr = 0x80040206.

 

Error - 8/9/2012 2:27:39 PM | Computer Name = PAKETA | Source = SecurityCenter | ID = 1802

Description = The Windows Security Center Service was unable to establish event 

queries with WMI to monitor third party AntiVirus and Firewall.

 

Error - 8/9/2012 7:12:23 PM | Computer Name = PAKETA | Source = SecurityCenter | ID = 1802

Description = The Windows Security Center Service was unable to establish event 

queries with WMI to monitor third party AntiVirus and Firewall.

 

Error - 8/9/2012 7:30:31 PM | Computer Name = PAKETA | Source = SecurityCenter | ID = 1802

Description = The Windows Security Center Service was unable to establish event 

queries with WMI to monitor third party AntiVirus and Firewall.

 

[ System Events ]

Error - 8/9/2012 8:46:34 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:34 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:34 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:34 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:35 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:35 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:35 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:35 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:51 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

Error - 8/9/2012 8:46:58 PM | Computer Name = PAKETA | Source = Service Control Manager | ID = 7001

Description = The Remote Access Connection Manager service depends on the Telephony

 service which failed to start because of the following error:   %%1058

 

 

 

< End of report >


  • 0



#11
zoonars

    Member

  • Topic Starter
  • Member
  • 17 posts
This is the aswMBR text file
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-09 21:38:14
-----------------------------
21:38:14.703    OS Version: Windows 5.1.2600 Service Pack 3
21:38:14.703    Number of processors: 1 586 0x304
21:38:14.703    ComputerName: PAKETA  UserName: VOVA
21:38:28.250    Initialize success
21:38:40.203    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
21:38:40.203    Disk 0 Vendor: HDS722580VLSA80 V32OA69A Size: 76293MB BusType: 3
21:38:40.203    Device \Driver\atapi -> DriverStartIo 82c452e2
21:38:40.203    Disk 0 MBR read successfully
21:38:40.203    Disk 0 MBR scan
21:38:40.203    Disk 0 Windows XP default MBR code
21:38:40.203    Disk 0 MBR hidden
21:38:40.203    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS        76285 MB offset 63
21:38:40.218    Disk 0 scanning sectors +156232125
21:38:40.328    Disk 0 scanning C:\WINDOWS\system32\drivers
21:38:50.390    Service scanning
21:39:00.578    Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
21:39:03.765    Modules scanning
21:39:11.687    Module: C:\WINDOWS\System32\Drivers\atapi.sys  **SUSPICIOUS**
21:39:15.546    Module: C:\WINDOWS\System32\drivers\dxgthk.sys  **SUSPICIOUS**
21:39:16.203    Module: C:\WINDOWS\system32\drivers\hardlock.sys  **SUSPICIOUS**
21:39:16.640    Module: C:\WINDOWS\system32\ntdll.dll  **SUSPICIOUS**
21:39:16.640    Disk 0 trace - called modules:
21:39:16.640    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82c454b1]<<
21:39:16.640    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83343ab8]
21:39:16.656    3 CLASSPNP.SYS[f84f8fd7] -> nt!IofCallDriver -> [0x82d64d38]
21:39:16.656    \Driver\atapi[0x82d5d448] -> IRP_MJ_CREATE -> 0x82c454b1
21:39:16.656    Scan finished successfully
21:39:31.453    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\VOVA\Desktop\MBR.dat"
21:39:31.453    The log file has been saved successfully to "C:\Documents and Settings\VOVA\Desktop\aswMBR.txt"



  • 0
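A small triage pass over the aswMBR log in the post above, added here as an example (it is not part of the thread or of aswMBR): it extracts the flagged services and modules and checks whether the `\Driver\atapi` pointers land at, or in the same 4 KiB page as, the address the disk trace reports as `>>UNKNOWN<<`. The field patterns are inferred from this one log, and the function names and the same-page comparison are assumptions made for the example.

```python
import re

# Lines copied verbatim from the aswMBR log posted above.
SAMPLE_LOG = r"""
21:38:40.203    Device \Driver\atapi -> DriverStartIo 82c452e2
21:38:40.203    Disk 0 Windows XP default MBR code
21:38:40.203    Disk 0 MBR hidden
21:39:00.578    Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
21:39:11.687    Module: C:\WINDOWS\System32\Drivers\atapi.sys  **SUSPICIOUS**
21:39:15.546    Module: C:\WINDOWS\System32\drivers\dxgthk.sys  **SUSPICIOUS**
21:39:16.203    Module: C:\WINDOWS\system32\drivers\hardlock.sys  **SUSPICIOUS**
21:39:16.640    Module: C:\WINDOWS\system32\ntdll.dll  **SUSPICIOUS**
21:39:16.640    Disk 0 trace - called modules:
21:39:16.640    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82c454b1]<<
21:39:16.640    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83343ab8]
21:39:16.656    3 CLASSPNP.SYS[f84f8fd7] -> nt!IofCallDriver -> [0x82d64d38]
21:39:16.656    \Driver\atapi[0x82d5d448] -> IRP_MJ_CREATE -> 0x82c454b1
"""

# Patterns inferred from the log above (assumption: other aswMBR versions may differ).
TS = re.compile(r"^\d\d:\d\d:\d\d\.\d{3}\s+(.*)$")
SERVICE = re.compile(r"^Service (\S+) (.+?) \*\*(\w+)\*\*")
MODULE = re.compile(r"^Module: (.+?)\s+\*\*(\w+)\*\*")
START_IO = re.compile(r"^Device (\\Driver\\\w+) -> (\w+) ([0-9a-fA-F]+)$")
DISPATCH = re.compile(
    r"^(\\Driver\\\w+)\[0x[0-9a-fA-F]+\] -> (IRP_MJ_\w+) -> 0x([0-9a-fA-F]+)$")
UNKNOWN = re.compile(r">>UNKNOWN \[0x([0-9a-fA-F]+)\]<<")


def parse_aswmbr(text):
    """Extract flagged items, driver pointers and unattributed trace targets."""
    found = {"services": [], "modules": [], "pointers": [],
             "unknown": [], "chain": []}
    for raw in text.splitlines():
        m = TS.match(raw.strip())
        if not m:
            continue  # banner, separator or blank line
        body = m.group(1).strip()
        if (s := SERVICE.match(body)):
            found["services"].append((s.group(1), s.group(2), s.group(3)))
        elif (mod := MODULE.match(body)):
            found["modules"].append((mod.group(1), mod.group(2)))
        elif (p := START_IO.match(body)) or (p := DISPATCH.match(body)):
            found["pointers"].append(
                (p.group(1), p.group(2), int(p.group(3), 16)))
        elif (u := UNKNOWN.search(body)):
            # Named modules in the call chain before the unattributed target.
            found["unknown"].append(int(u.group(1), 16))
            found["chain"] = body[:u.start()].split()
    return found


def correlate(found, page_bits=12):
    """Relate each driver pointer to the trace's unattributed addresses.

    "exact": the pointer equals an >>UNKNOWN<< address.
    "same-page": it falls in the same 4 KiB page (heuristic, an assumption).
    """
    hits = []
    for driver, slot, addr in found["pointers"]:
        for target in found["unknown"]:
            if addr == target:
                hits.append((driver, slot, addr, "exact"))
            elif addr >> page_bits == target >> page_bits:
                hits.append((driver, slot, addr, "same-page"))
    return hits


if __name__ == "__main__":
    result = parse_aswmbr(SAMPLE_LOG)
    print("call chain:", " -> ".join(result["chain"]), "-> UNKNOWN")
    for name, path, flag in result["services"]:
        print(f"service {name}: {path} [{flag}]")
    for path, flag in result["modules"]:
        print(f"module {path} [{flag}]")
    for driver, slot, addr, relation in correlate(result):
        print(f"{driver} {slot} -> 0x{addr:08x} ({relation} match with UNKNOWN)")
```
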

#12
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Have you run ComboFix? If so, could you post the log?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888; https=127.0.0.1:8888
    FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
    FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
    FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
    FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O2 - BHO: (no name) - {c07cb094-8d3c-41e8-9358-8cb1b3f1ae48} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Value error. File not found

    :Files
    ipconfig /flushdns /c


    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application
  • Then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents in your next reply.
  • 0
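With Verify Driver Digital Signature ticked, a TDSSKiller report can be dominated by UnsignedFile.Multi.Generic warnings, as the report posted later in this thread is. This added example (not part of the original post) parses report lines in the shape that report uses and separates clean objects, unsigned-file warnings, and anything with a different verdict. The first four objects are copied from that report; `exampledrv`, its path, hash and verdict are constructed placeholders, and the function names are illustrative.

```python
import re

# Objects 6to4, Abiosdsk, atapi and AVGIDSAgent are copied from the TDSSKiller
# report in this thread. The exampledrv entry is constructed: its name, path,
# MD5 and verdict are placeholders, not real tool output.
REPORT = r"""
11:50:41.0312 2920 Scan started
11:50:41.0312 2920 Mode: Manual; SigCheck; TDLFS;
11:50:41.0609 2920 6to4            (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
11:50:42.0046 2920 6to4 ( UnsignedFile.Multi.Generic ) - warning
11:50:42.0046 2920 6to4 - detected UnsignedFile.Multi.Generic (1)
11:50:42.0093 2920 Abiosdsk - ok
11:50:45.0265 2920 atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:50:45.0296 2920 atapi ( UnsignedFile.Multi.Generic ) - warning
11:50:45.0296 2920 atapi - detected UnsignedFile.Multi.Generic (1)
11:50:46.0687 2920 AVGIDSAgent     (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files\AVG\AVG2012\avgidsagent.exe
11:50:47.0125 2920 AVGIDSAgent - ok
11:50:53.0300 2920 exampledrv      (00000000000000000000000000000000) C:\WINDOWS\system32\drivers\exampledrv.sys
11:50:53.0310 2920 exampledrv ( Constructed.Placeholder.Verdict ) - infected
"""

UNSIGNED = "UnsignedFile.Multi.Generic"

# Timestamp and thread id that prefix every report line.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+")
# "name (md5) path": names may contain spaces, e.g. "Apple Mobile Device".
FILE_RE = re.compile(r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$")
# "name ( Verdict ) - status"
VERDICT_RE = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - (?P<status>\w+)$")
# "name - ok"
OK_RE = re.compile(r"^(?P<name>.+?) - ok$")


def parse_report(text):
    """Build one record per scanned object, in report order."""
    objects = {}

    def record(name):
        return objects.setdefault(
            name, {"md5": None, "path": None, "verdict": None, "status": None}
        )

    for raw in text.splitlines():
        line = PREFIX.sub("", raw.strip())
        m = FILE_RE.match(line)
        if m:
            record(m["name"]).update(md5=m["md5"], path=m["path"])
            continue
        m = VERDICT_RE.match(line)
        if m:
            record(m["name"]).update(verdict=m["verdict"], status=m["status"])
            continue
        m = OK_RE.match(line)
        if m:
            record(m["name"])["status"] = "ok"
        # "name - detected ... (1)" repeats the verdict line and is ignored,
        # as are banner and system-information lines.
    return objects


def triage(objects):
    """Split objects into ok, unsigned-only warnings, and other verdicts."""
    buckets = {"ok": [], "unsigned": [], "attention": []}
    for name, rec in objects.items():
        if rec["verdict"] is None:
            if rec["status"] == "ok":
                buckets["ok"].append(name)
        elif rec["verdict"] == UNSIGNED:
            buckets["unsigned"].append(name)
        else:
            buckets["attention"].append(name)
    return buckets


if __name__ == "__main__":
    objs = parse_report(REPORT)
    result = triage(objs)
    print(f"ok: {len(result['ok'])}, unsigned warnings: {len(result['unsigned'])}")
    for name in result["attention"]:
        rec = objs[name]
        print(f"review first: {name} {rec['verdict']} ({rec['status']}) {rec['path']}")
```

Each record in the unsigned bucket keeps the file's MD5 and path, so those files can be compared against a known-good copy of the same build.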

#13
zoonars

    Member

  • Topic Starter
  • Member
  • 17 posts
Here is the fix scan of OTL:
All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "127.0.0.1" removed from extensions.charles.settings.enabled.network.proxy.http
Prefs.js: 8888 removed from extensions.charles.settings.enabled.network.proxy.http_port
Prefs.js: "127.0.0.1" removed from extensions.charles.settings.enabled.network.proxy.ssl
Prefs.js: 8888 removed from extensions.charles.settings.enabled.network.proxy.ssl_port
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c07cb094-8d3c-41e8-9358-8cb1b3f1ae48}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c07cb094-8d3c-41e8-9358-8cb1b3f1ae48}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{9D425283-D487-4337-BAB6-AB8354A81457} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ deleted successfully.
========== FILES ==========
[color=#A23BEC]< ipconfig /flushdns /c >[/color]
C:\Documents and Settings\VOVA\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\VOVA\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Documents and Settings
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 301919667 bytes
->Java cache emptied: 12 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 6746 bytes
 
User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 285610291 bytes
->Flash cache emptied: 14869 bytes
 
User: VOVA
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5765304 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 112017461 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2071 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2224965 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 9144363 bytes
 
Total Files Cleaned = 684.00 mb
 
System Restore Service not available.
 
OTL by OldTimer - Version 3.2.56.0 log created on 08102012_112937

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

  • 0

#14
zoonars

    Member

  • Topic Starter
  • Member
  • 17 posts
Here is the Kaspersky scan:
11:50:30.0375 2732	TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:50:31.0265 2732	============================================================
11:50:31.0265 2732	Current date / time: 2012/08/10 11:50:31.0265
11:50:31.0265 2732	SystemInfo:
11:50:31.0265 2732	
11:50:31.0265 2732	OS Version: 5.1.2600 ServicePack: 3.0
11:50:31.0265 2732	Product type: Workstation
11:50:31.0359 2732	ComputerName: PAKETA
11:50:31.0359 2732	UserName: VOVA
11:50:31.0359 2732	Windows directory: C:\WINDOWS
11:50:31.0359 2732	System windows directory: C:\WINDOWS
11:50:31.0359 2732	Processor architecture: Intel x86
11:50:31.0359 2732	Number of processors: 1
11:50:31.0359 2732	Page size: 0x1000
11:50:31.0359 2732	Boot type: Normal boot
11:50:31.0359 2732	============================================================
11:50:35.0937 2732	Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:50:35.0968 2732	============================================================
11:50:35.0968 2732	\Device\Harddisk0\DR0:
11:50:35.0968 2732	MBR partitions:
11:50:35.0968 2732	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
11:50:35.0968 2732	============================================================
11:50:36.0015 2732	C: <-> \Device\Harddisk0\DR0\Partition0
11:50:36.0031 2732	============================================================
11:50:36.0031 2732	Initialize success
11:50:36.0031 2732	============================================================
11:50:41.0312 2920	============================================================
11:50:41.0312 2920	Scan started
11:50:41.0312 2920	Mode: Manual; SigCheck; TDLFS; 
11:50:41.0312 2920	============================================================
11:50:41.0609 2920	6to4            (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
11:50:42.0046 2920	6to4 ( UnsignedFile.Multi.Generic ) - warning
11:50:42.0046 2920	6to4 - detected UnsignedFile.Multi.Generic (1)
11:50:42.0093 2920	Abiosdsk - ok
11:50:42.0093 2920	abp480n5 - ok
11:50:42.0140 2920	ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:50:42.0187 2920	ACPI ( UnsignedFile.Multi.Generic ) - warning
11:50:42.0187 2920	ACPI - detected UnsignedFile.Multi.Generic (1)
11:50:42.0218 2920	ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:50:42.0250 2920	ACPIEC ( UnsignedFile.Multi.Generic ) - warning
11:50:42.0250 2920	ACPIEC - detected UnsignedFile.Multi.Generic (1)
11:50:42.0312 2920	AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:50:42.0484 2920	AdobeFlashPlayerUpdateSvc - ok
11:50:42.0500 2920	adpu160m - ok
11:50:42.0515 2920	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:50:42.0578 2920	aec ( UnsignedFile.Multi.Generic ) - warning
11:50:42.0578 2920	aec - detected UnsignedFile.Multi.Generic (1)
11:50:42.0625 2920	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:50:43.0171 2920	AFD ( UnsignedFile.Multi.Generic ) - warning
11:50:43.0171 2920	AFD - detected UnsignedFile.Multi.Generic (1)
11:50:43.0171 2920	Aha154x - ok
11:50:43.0171 2920	aic78u2 - ok
11:50:43.0187 2920	aic78xx - ok
11:50:43.0203 2920	Alerter         (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
11:50:43.0296 2920	Alerter ( UnsignedFile.Multi.Generic ) - warning
11:50:43.0296 2920	Alerter - detected UnsignedFile.Multi.Generic (1)
11:50:43.0390 2920	ALG             (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
11:50:43.0562 2920	ALG ( UnsignedFile.Multi.Generic ) - warning
11:50:43.0562 2920	ALG - detected UnsignedFile.Multi.Generic (1)
11:50:43.0578 2920	AliIde - ok
11:50:43.0578 2920	amsint - ok
11:50:43.0718 2920	Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:50:43.0812 2920	Apple Mobile Device - ok
11:50:43.0812 2920	asc - ok
11:50:43.0828 2920	asc3350p - ok
11:50:43.0843 2920	asc3550 - ok
11:50:43.0937 2920	aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:50:44.0015 2920	aspnet_state - ok
11:50:44.0078 2920	asuskbnt        (96b3170a74d8bbae3c897ab9d4dbc885) C:\WINDOWS\system32\drivers\asuskbnt.sys
11:50:44.0500 2920	asuskbnt ( UnsignedFile.Multi.Generic ) - warning
11:50:44.0500 2920	asuskbnt - detected UnsignedFile.Multi.Generic (1)
11:50:44.0531 2920	ASUSKeyboardService (d88499d10981dfb9e5226ed8cf27ab13) C:\WINDOWS\ASUSKBService.exe
11:50:45.0156 2920	ASUSKeyboardService ( UnsignedFile.Multi.Generic ) - warning
11:50:45.0156 2920	ASUSKeyboardService - detected UnsignedFile.Multi.Generic (1)
11:50:45.0187 2920	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:50:45.0234 2920	AsyncMac ( UnsignedFile.Multi.Generic ) - warning
11:50:45.0234 2920	AsyncMac - detected UnsignedFile.Multi.Generic (1)
11:50:45.0265 2920	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:50:45.0296 2920	atapi ( UnsignedFile.Multi.Generic ) - warning
11:50:45.0296 2920	atapi - detected UnsignedFile.Multi.Generic (1)
11:50:45.0296 2920	Atdisk - ok
11:50:45.0343 2920	Ati HotKey Poller (bba22521d24625c7a7b8d57fb20a812e) C:\WINDOWS\system32\Ati2evxx.exe
11:50:45.0515 2920	Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
11:50:45.0515 2920	Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
11:50:45.0609 2920	ati2mtag        (07ac9a98ea70b5a6655a5797174bd282) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:50:45.0937 2920	ati2mtag ( UnsignedFile.Multi.Generic ) - warning
11:50:45.0937 2920	ati2mtag - detected UnsignedFile.Multi.Generic (1)
11:50:46.0000 2920	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:50:46.0031 2920	Atmarpc ( UnsignedFile.Multi.Generic ) - warning
11:50:46.0031 2920	Atmarpc - detected UnsignedFile.Multi.Generic (1)
11:50:46.0078 2920	AudioSrv        (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
11:50:46.0125 2920	AudioSrv ( UnsignedFile.Multi.Generic ) - warning
11:50:46.0125 2920	AudioSrv - detected UnsignedFile.Multi.Generic (1)
11:50:46.0171 2920	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:50:46.0265 2920	audstub ( UnsignedFile.Multi.Generic ) - warning
11:50:46.0265 2920	audstub - detected UnsignedFile.Multi.Generic (1)
11:50:46.0687 2920	AVGIDSAgent     (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files\AVG\AVG2012\avgidsagent.exe
11:50:47.0125 2920	AVGIDSAgent - ok
11:50:47.0234 2920	AVGIDSDriver    (1074f787080068c71303b61fae7e7ca4) C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
11:50:47.0375 2920	AVGIDSDriver - ok
11:50:47.0390 2920	AVGIDSFilter    (61a7e0b02f82cff3db2445bbe50b3589) C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
11:50:47.0421 2920	AVGIDSFilter - ok
11:50:47.0437 2920	AVGIDSHX        (d63d83659eedf60b3a3e620281a888e5) C:\WINDOWS\system32\DRIVERS\avgidshx.sys
11:50:47.0515 2920	AVGIDSHX - ok
11:50:47.0546 2920	AVGIDSShim      (baf975b72062f53d327788e99d64197e) C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
11:50:47.0609 2920	AVGIDSShim - ok
11:50:47.0625 2920	Avgldx86        (dda6a2a18841e4c9172bb85958b8d948) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
11:50:47.0687 2920	Avgldx86 - ok
11:50:47.0703 2920	Avgmfx86        (ccdd61545aaea265977e4b1efdc74e8c) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
11:50:47.0734 2920	Avgmfx86 - ok
11:50:47.0796 2920	Avgrkx86        (1fd90b28d2c3100bf4500199c8ad6358) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
11:50:47.0843 2920	Avgrkx86 - ok
11:50:47.0875 2920	Avgtdix         (1263f2554ace925c237a40b4c568d815) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
11:50:47.0937 2920	Avgtdix - ok
11:50:48.0031 2920	avgwd           (ea1145debcd508fd25bd1e95c4346929) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
11:50:48.0109 2920	avgwd - ok
11:50:48.0125 2920	BCM42RLY        (438179abe9b7a922a21b8d6369ff52ff) C:\WINDOWS\System32\BCM42RLY.SYS
11:50:48.0500 2920	BCM42RLY ( UnsignedFile.Multi.Generic ) - warning
11:50:48.0500 2920	BCM42RLY - detected UnsignedFile.Multi.Generic (1)
11:50:48.0531 2920	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:50:48.0593 2920	Beep ( UnsignedFile.Multi.Generic ) - warning
11:50:48.0593 2920	Beep - detected UnsignedFile.Multi.Generic (1)
11:50:48.0671 2920	Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
11:50:48.0765 2920	Bonjour Service - ok
11:50:48.0812 2920	Browser         (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
11:50:48.0843 2920	Browser ( UnsignedFile.Multi.Generic ) - warning
11:50:48.0843 2920	Browser - detected UnsignedFile.Multi.Generic (1)
11:50:48.0890 2920	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:50:48.0937 2920	cbidf2k ( UnsignedFile.Multi.Generic ) - warning
11:50:48.0937 2920	cbidf2k - detected UnsignedFile.Multi.Generic (1)
11:50:48.0984 2920	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:50:49.0031 2920	CCDECODE ( UnsignedFile.Multi.Generic ) - warning
11:50:49.0031 2920	CCDECODE - detected UnsignedFile.Multi.Generic (1)
11:50:49.0031 2920	cd20xrnt - ok
11:50:49.0062 2920	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:50:49.0093 2920	Cdaudio ( UnsignedFile.Multi.Generic ) - warning
11:50:49.0093 2920	Cdaudio - detected UnsignedFile.Multi.Generic (1)
11:50:49.0125 2920	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:50:49.0156 2920	Cdfs ( UnsignedFile.Multi.Generic ) - warning
11:50:49.0156 2920	Cdfs - detected UnsignedFile.Multi.Generic (1)
11:50:49.0187 2920	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:50:49.0234 2920	Cdrom ( UnsignedFile.Multi.Generic ) - warning
11:50:49.0234 2920	Cdrom - detected UnsignedFile.Multi.Generic (1)
11:50:49.0250 2920	Changer - ok
11:50:49.0281 2920	CiSvc           (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
11:50:49.0328 2920	CiSvc ( UnsignedFile.Multi.Generic ) - warning
11:50:49.0328 2920	CiSvc - detected UnsignedFile.Multi.Generic (1)
11:50:49.0359 2920	ClipSrv         (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
11:50:49.0390 2920	ClipSrv ( UnsignedFile.Multi.Generic ) - warning
11:50:49.0390 2920	ClipSrv - detected UnsignedFile.Multi.Generic (1)
11:50:49.0500 2920	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:50:49.0562 2920	clr_optimization_v2.0.50727_32 - ok
11:50:49.0640 2920	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:50:49.0703 2920	clr_optimization_v4.0.30319_32 - ok
11:50:49.0718 2920	CmdIde - ok
11:50:49.0718 2920	COMSysApp - ok
11:50:49.0734 2920	Cpqarray - ok
11:50:49.0828 2920	cpuz130 - ok
11:50:49.0875 2920	CryptSvc        (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
11:50:49.0906 2920	CryptSvc ( UnsignedFile.Multi.Generic ) - warning
11:50:49.0906 2920	CryptSvc - detected UnsignedFile.Multi.Generic (1)
11:50:49.0906 2920	dac2w2k - ok
11:50:49.0906 2920	dac960nt - ok
11:50:49.0968 2920	DcomLaunch      (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
11:50:50.0031 2920	DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0031 2920	DcomLaunch - detected UnsignedFile.Multi.Generic (1)
11:50:50.0062 2920	Dhcp            (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
11:50:50.0109 2920	Dhcp ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0109 2920	Dhcp - detected UnsignedFile.Multi.Generic (1)
11:50:50.0125 2920	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:50:50.0156 2920	Disk ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0156 2920	Disk - detected UnsignedFile.Multi.Generic (1)
11:50:50.0156 2920	dmadmin - ok
11:50:50.0203 2920	dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
11:50:50.0281 2920	dmboot ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0281 2920	dmboot - detected UnsignedFile.Multi.Generic (1)
11:50:50.0312 2920	dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
11:50:50.0343 2920	dmio ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0343 2920	dmio - detected UnsignedFile.Multi.Generic (1)
11:50:50.0375 2920	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:50:50.0468 2920	dmload ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0468 2920	dmload - detected UnsignedFile.Multi.Generic (1)
11:50:50.0515 2920	dmserver        (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
11:50:50.0593 2920	dmserver ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0593 2920	dmserver - detected UnsignedFile.Multi.Generic (1)
11:50:50.0609 2920	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:50:50.0687 2920	DMusic ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0687 2920	DMusic - detected UnsignedFile.Multi.Generic (1)
11:50:50.0703 2920	Dnscache        (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
11:50:50.0750 2920	Dnscache ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0750 2920	Dnscache - detected UnsignedFile.Multi.Generic (1)
11:50:50.0796 2920	Dot3svc         (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
11:50:50.0890 2920	Dot3svc ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0906 2920	Dot3svc - detected UnsignedFile.Multi.Generic (1)
11:50:50.0906 2920	dpti2o - ok
11:50:50.0937 2920	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:50:50.0968 2920	drmkaud ( UnsignedFile.Multi.Generic ) - warning
11:50:50.0968 2920	drmkaud - detected UnsignedFile.Multi.Generic (1)
11:50:51.0000 2920	dtsoftbus01     (87b0f28c43b50bbb917f4400fa63cd31) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
11:50:51.0062 2920	dtsoftbus01 - ok
11:50:51.0093 2920	E100B           (d57a8fc800b501ac05b10d00f66d127a) C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:50:51.0125 2920	E100B ( UnsignedFile.Multi.Generic ) - warning
11:50:51.0125 2920	E100B - detected UnsignedFile.Multi.Generic (1)
11:50:51.0156 2920	EapHost         (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
11:50:51.0218 2920	EapHost ( UnsignedFile.Multi.Generic ) - warning
11:50:51.0218 2920	EapHost - detected UnsignedFile.Multi.Generic (1)
11:50:51.0250 2920	EIO             (e41f6ac72e597e5f87b4a9ab0d8ab8bc) C:\WINDOWS\system32\drivers\EIO.sys
11:50:51.0515 2920	EIO ( UnsignedFile.Multi.Generic ) - warning
11:50:51.0515 2920	EIO - detected UnsignedFile.Multi.Generic (1)
11:50:51.0531 2920	ENTECH          (16ebd8bf1d5090923694cc972c7ce1b4) C:\WINDOWS\system32\DRIVERS\ENTECH.sys
11:50:51.0593 2920	ENTECH - ok
11:50:51.0640 2920	ERSvc           (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
11:50:51.0656 2920	ERSvc ( UnsignedFile.Multi.Generic ) - warning
11:50:51.0656 2920	ERSvc - detected UnsignedFile.Multi.Generic (1)
11:50:51.0718 2920	Eventlog        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
11:50:51.0796 2920	Eventlog ( UnsignedFile.Multi.Generic ) - warning
11:50:51.0796 2920	Eventlog - detected UnsignedFile.Multi.Generic (1)
11:50:51.0843 2920	EventSystem     (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
11:50:51.0906 2920	EventSystem ( UnsignedFile.Multi.Generic ) - warning
11:50:51.0906 2920	EventSystem - detected UnsignedFile.Multi.Generic (1)
11:50:51.0937 2920	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:50:51.0984 2920	Fastfat ( UnsignedFile.Multi.Generic ) - warning
11:50:51.0984 2920	Fastfat - detected UnsignedFile.Multi.Generic (1)
11:50:52.0015 2920	FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
11:50:52.0171 2920	FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0171 2920	FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
11:50:52.0203 2920	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:50:52.0234 2920	Fdc ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0234 2920	Fdc - detected UnsignedFile.Multi.Generic (1)
11:50:52.0250 2920	FilterService - ok
11:50:52.0265 2920	Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
11:50:52.0281 2920	Fips ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0281 2920	Fips - detected UnsignedFile.Multi.Generic (1)
11:50:52.0296 2920	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:50:52.0343 2920	Flpydisk ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0343 2920	Flpydisk - detected UnsignedFile.Multi.Generic (1)
11:50:52.0375 2920	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:50:52.0406 2920	FltMgr ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0406 2920	FltMgr - detected UnsignedFile.Multi.Generic (1)
11:50:52.0562 2920	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:50:52.0609 2920	FontCache3.0.0.0 - ok
11:50:52.0625 2920	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:50:52.0671 2920	Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0671 2920	Fs_Rec - detected UnsignedFile.Multi.Generic (1)
11:50:52.0703 2920	Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:50:52.0750 2920	Ftdisk ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0750 2920	Ftdisk - detected UnsignedFile.Multi.Generic (1)
11:50:52.0781 2920	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:50:52.0843 2920	GEARAspiWDM - ok
11:50:52.0906 2920	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:50:52.0953 2920	Gpc ( UnsignedFile.Multi.Generic ) - warning
11:50:52.0953 2920	Gpc - detected UnsignedFile.Multi.Generic (1)
11:50:53.0000 2920	hardlock        (2d662dfca1148e77f4eb55cb72443bf6) C:\WINDOWS\system32\drivers\hardlock.sys
11:50:53.0078 2920	hardlock ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0078 2920	hardlock - detected UnsignedFile.Multi.Generic (1)
11:50:53.0140 2920	helpsvc         (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:50:53.0187 2920	helpsvc ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0187 2920	helpsvc - detected UnsignedFile.Multi.Generic (1)
11:50:53.0218 2920	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:50:53.0265 2920	HidUsb ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0265 2920	HidUsb - detected UnsignedFile.Multi.Generic (1)
11:50:53.0281 2920	hkmsvc          (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
11:50:53.0312 2920	hkmsvc ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0312 2920	hkmsvc - detected UnsignedFile.Multi.Generic (1)
11:50:53.0328 2920	hpn - ok
11:50:53.0359 2920	HPZid412        (287a63bd8509bd78e7978823b38afa81) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:50:53.0421 2920	HPZid412 ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0421 2920	HPZid412 - detected UnsignedFile.Multi.Generic (1)
11:50:53.0437 2920	HPZipr12        (0b4fda2657c3e0315eaa57f9c6d4fd1f) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:50:53.0484 2920	HPZipr12 ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0484 2920	HPZipr12 - detected UnsignedFile.Multi.Generic (1)
11:50:53.0515 2920	HPZius12        (29559db25258b60510a60c4e470fce32) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:50:53.0562 2920	HPZius12 ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0562 2920	HPZius12 - detected UnsignedFile.Multi.Generic (1)
11:50:53.0593 2920	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:50:53.0703 2920	HTTP ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0703 2920	HTTP - detected UnsignedFile.Multi.Generic (1)
11:50:53.0734 2920	HTTPFilter      (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
11:50:53.0796 2920	HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0796 2920	HTTPFilter - detected UnsignedFile.Multi.Generic (1)
11:50:53.0812 2920	i2omgmt - ok
11:50:53.0812 2920	i2omp - ok
11:50:53.0859 2920	i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:50:53.0953 2920	i8042prt ( UnsignedFile.Multi.Generic ) - warning
11:50:53.0953 2920	i8042prt - detected UnsignedFile.Multi.Generic (1)
11:50:54.0062 2920	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:50:54.0515 2920	IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:50:54.0515 2920	IDriverT - detected UnsignedFile.Multi.Generic (1)
11:50:54.0578 2920	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:50:54.0703 2920	idsvc - ok
11:50:54.0718 2920	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:50:54.0750 2920	Imapi ( UnsignedFile.Multi.Generic ) - warning
11:50:54.0750 2920	Imapi - detected UnsignedFile.Multi.Generic (1)
11:50:54.0812 2920	ImapiService    (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
11:50:54.0843 2920	ImapiService ( UnsignedFile.Multi.Generic ) - warning
11:50:54.0843 2920	ImapiService - detected UnsignedFile.Multi.Generic (1)
11:50:54.0843 2920	ini910u - ok
11:50:54.0859 2920	IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
11:50:54.0890 2920	IntelIde ( UnsignedFile.Multi.Generic ) - warning
11:50:54.0890 2920	IntelIde - detected UnsignedFile.Multi.Generic (1)
11:50:54.0937 2920	intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:50:54.0968 2920	intelppm ( UnsignedFile.Multi.Generic ) - warning
11:50:54.0968 2920	intelppm - detected UnsignedFile.Multi.Generic (1)
11:50:55.0000 2920	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:50:55.0046 2920	Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
11:50:55.0046 2920	Ip6Fw - detected UnsignedFile.Multi.Generic (1)
11:50:55.0078 2920	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:50:55.0109 2920	IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
11:50:55.0109 2920	IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
11:50:55.0140 2920	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:50:55.0203 2920	IpInIp ( UnsignedFile.Multi.Generic ) - warning
11:50:55.0203 2920	IpInIp - detected UnsignedFile.Multi.Generic (1)
11:50:55.0218 2920	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:50:55.0265 2920	IpNat ( UnsignedFile.Multi.Generic ) - warning
11:50:55.0265 2920	IpNat - detected UnsignedFile.Multi.Generic (1)
11:50:55.0328 2920	iPod Service    (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
11:50:55.0390 2920	iPod Service - ok
11:50:55.0406 2920	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:50:55.0437 2920	IPSec ( UnsignedFile.Multi.Generic ) - warning
11:50:55.0437 2920	IPSec - detected UnsignedFile.Multi.Generic (1)
11:50:55.0453 2920	IPVNMon - ok
11:50:55.0468 2920	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:50:55.0515 2920	IRENUM ( UnsignedFile.Multi.Generic ) - warning
11:50:55.0515 2920	IRENUM - detected UnsignedFile.Multi.Generic (1)
11:50:55.0593 2920	is-CQL5Adrv     (0aa3ad071827118fcc8f37f7a6ab7aa1) C:\WINDOWS\system32\DRIVERS\06999867.sys
11:50:55.0703 2920	is-CQL5Adrv - ok
11:50:55.0718 2920	isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:50:55.0750 2920	isapnp ( UnsignedFile.Multi.Generic ) - warning
11:50:55.0750 2920	isapnp - detected UnsignedFile.Multi.Generic (1)
11:50:55.0859 2920	JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
11:50:55.0921 2920	JavaQuickStarterService - ok
11:50:55.0953 2920	Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:50:56.0000 2920	Kbdclass ( UnsignedFile.Multi.Generic ) - warning
11:50:56.0000 2920	Kbdclass - detected UnsignedFile.Multi.Generic (1)
11:50:56.0015 2920	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:50:56.0046 2920	kmixer ( UnsignedFile.Multi.Generic ) - warning
11:50:56.0046 2920	kmixer - detected UnsignedFile.Multi.Generic (1)
11:50:56.0046 2920	ks2avs - ok
11:50:56.0062 2920	ks2usb_svc - ok
11:50:56.0093 2920	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:50:56.0140 2920	KSecDD ( UnsignedFile.Multi.Generic ) - warning
11:50:56.0140 2920	KSecDD - detected UnsignedFile.Multi.Generic (1)
11:50:56.0171 2920	lanmanserver    (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
11:50:56.0250 2920	lanmanserver ( UnsignedFile.Multi.Generic ) - warning
11:50:56.0250 2920	lanmanserver - detected UnsignedFile.Multi.Generic (1)
11:50:56.0281 2920	lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
11:50:56.0359 2920	lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
11:50:56.0359 2920	lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
11:50:56.0375 2920	lbrtfdc - ok
11:50:56.0406 2920	LmHosts         (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
11:50:56.0468 2920	LmHosts ( UnsignedFile.Multi.Generic ) - warning
11:50:56.0468 2920	LmHosts - detected UnsignedFile.Multi.Generic (1)
11:50:56.0500 2920	LPDSVC          (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
11:50:56.0546 2920	LPDSVC ( UnsignedFile.Multi.Generic ) - warning
11:50:56.0546 2920	LPDSVC - detected UnsignedFile.Multi.Generic (1)
11:50:56.0562 2920	LVRS - ok
11:50:56.0562 2920	LVUSBSta - ok
11:50:56.0578 2920	LVUVC - ok
11:50:56.0671 2920	McciServiceHost (eee1ea23c4777adb268a36196a631200) C:\Program Files\Common Files\Motive\McciServiceHost.exe
11:50:57.0703 2920	McciServiceHost ( UnsignedFile.Multi.Generic ) - warning
11:50:57.0703 2920	McciServiceHost - detected UnsignedFile.Multi.Generic (1)
11:50:57.0734 2920	Messenger       (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
11:50:57.0781 2920	Messenger ( UnsignedFile.Multi.Generic ) - warning
11:50:57.0781 2920	Messenger - detected UnsignedFile.Multi.Generic (1)
11:50:57.0859 2920	Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
11:50:57.0906 2920	Microsoft Office Groove Audit Service - ok
11:50:57.0937 2920	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:50:58.0000 2920	mnmdd ( UnsignedFile.Multi.Generic ) - warning
11:50:58.0000 2920	mnmdd - detected UnsignedFile.Multi.Generic (1)
11:50:58.0031 2920	mnmsrvc         (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
11:50:58.0093 2920	mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
11:50:58.0093 2920	mnmsrvc - detected UnsignedFile.Multi.Generic (1)
11:50:58.0140 2920	Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
11:50:58.0187 2920	Modem ( UnsignedFile.Multi.Generic ) - warning
11:50:58.0187 2920	Modem - detected UnsignedFile.Multi.Generic (1)
11:50:58.0218 2920	motmodem        (fe80c18ba448ddd76b7bead9eb203d37) C:\WINDOWS\system32\DRIVERS\motmodem.sys
11:50:58.0312 2920	motmodem ( UnsignedFile.Multi.Generic ) - warning
11:50:58.0312 2920	motmodem - detected UnsignedFile.Multi.Generic (1)
11:50:58.0328 2920	Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:50:58.0421 2920	Mouclass ( UnsignedFile.Multi.Generic ) - warning
11:50:58.0421 2920	Mouclass - detected UnsignedFile.Multi.Generic (1)
11:50:58.0453 2920	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:50:58.0500 2920	MountMgr ( UnsignedFile.Multi.Generic ) - warning
11:50:58.0500 2920	MountMgr - detected UnsignedFile.Multi.Generic (1)
11:50:58.0531 2920	MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:50:58.0578 2920	MozillaMaintenance - ok
11:50:58.0593 2920	MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:50:58.0671 2920	MpFilter - ok
11:50:58.0718 2920	MR97310_USB_DUAL_CAMERA (2d5990203cb98b7dfd13d73d71c48028) C:\WINDOWS\system32\DRIVERS\mr97310c.sys
11:50:58.0765 2920	MR97310_USB_DUAL_CAMERA ( UnsignedFile.Multi.Generic ) - warning
11:50:58.0765 2920	MR97310_USB_DUAL_CAMERA - detected UnsignedFile.Multi.Generic (1)
11:50:58.0765 2920	mraid35x - ok
11:50:58.0796 2920	MREMP50         (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
11:50:59.0078 2920	MREMP50 ( UnsignedFile.Multi.Generic ) - warning
11:50:59.0078 2920	MREMP50 - detected UnsignedFile.Multi.Generic (1)
11:50:59.0078 2920	MREMPR5 - ok
11:50:59.0078 2920	MRENDIS5 - ok
11:50:59.0125 2920	MRESP50         (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
11:50:59.0515 2920	MRESP50 ( UnsignedFile.Multi.Generic ) - warning
11:50:59.0515 2920	MRESP50 - detected UnsignedFile.Multi.Generic (1)
11:50:59.0875 2920	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:50:59.0953 2920	MRxDAV ( UnsignedFile.Multi.Generic ) - warning
11:50:59.0953 2920	MRxDAV - detected UnsignedFile.Multi.Generic (1)
11:51:00.0250 2920	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:51:00.0718 2920	MRxSmb ( UnsignedFile.Multi.Generic ) - warning
11:51:00.0718 2920	MRxSmb - detected UnsignedFile.Multi.Generic (1)
11:51:00.0750 2920	MSDTC           (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
11:51:00.0781 2920	MSDTC ( UnsignedFile.Multi.Generic ) - warning
11:51:00.0781 2920	MSDTC - detected UnsignedFile.Multi.Generic (1)
11:51:00.0812 2920	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:51:00.0843 2920	Msfs ( UnsignedFile.Multi.Generic ) - warning
11:51:00.0843 2920	Msfs - detected UnsignedFile.Multi.Generic (1)
11:51:00.0843 2920	MSIServer - ok
11:51:00.0875 2920	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:51:00.0906 2920	MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
11:51:00.0906 2920	MSKSSRV - detected UnsignedFile.Multi.Generic (1)
11:51:00.0937 2920	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:51:00.0953 2920	MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
11:51:00.0953 2920	MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
11:51:00.0968 2920	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:51:01.0000 2920	MSPQM ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0000 2920	MSPQM - detected UnsignedFile.Multi.Generic (1)
11:51:01.0031 2920	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:51:01.0078 2920	mssmbios ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0078 2920	mssmbios - detected UnsignedFile.Multi.Generic (1)
11:51:01.0093 2920	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:51:01.0125 2920	MSTEE ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0125 2920	MSTEE - detected UnsignedFile.Multi.Generic (1)
11:51:01.0171 2920	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:51:01.0234 2920	Mup ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0234 2920	Mup - detected UnsignedFile.Multi.Generic (1)
11:51:01.0265 2920	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:51:01.0296 2920	NABTSFEC ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0296 2920	NABTSFEC - detected UnsignedFile.Multi.Generic (1)
11:51:01.0328 2920	napagent        (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
11:51:01.0375 2920	napagent ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0375 2920	napagent - detected UnsignedFile.Multi.Generic (1)
11:51:01.0406 2920	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:51:01.0468 2920	NDIS ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0468 2920	NDIS - detected UnsignedFile.Multi.Generic (1)
11:51:01.0484 2920	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:51:01.0515 2920	NdisIP ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0515 2920	NdisIP - detected UnsignedFile.Multi.Generic (1)
11:51:01.0546 2920	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:51:01.0921 2920	NdisTapi ( UnsignedFile.Multi.Generic ) - warning
11:51:01.0921 2920	NdisTapi - detected UnsignedFile.Multi.Generic (1)
11:51:01.0968 2920	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:51:02.0000 2920	Ndisuio ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0000 2920	Ndisuio - detected UnsignedFile.Multi.Generic (1)
11:51:02.0031 2920	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:51:02.0062 2920	NdisWan ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0062 2920	NdisWan - detected UnsignedFile.Multi.Generic (1)
11:51:02.0093 2920	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:51:02.0125 2920	NDProxy ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0125 2920	NDProxy - detected UnsignedFile.Multi.Generic (1)
11:51:02.0156 2920	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:51:02.0187 2920	NetBIOS ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0187 2920	NetBIOS - detected UnsignedFile.Multi.Generic (1)
11:51:02.0218 2920	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:51:02.0250 2920	NetBT ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0250 2920	NetBT - detected UnsignedFile.Multi.Generic (1)
11:51:02.0281 2920	NetDDE          (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
11:51:02.0328 2920	NetDDE ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0328 2920	NetDDE - detected UnsignedFile.Multi.Generic (1)
11:51:02.0328 2920	NetDDEdsdm      (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
11:51:02.0359 2920	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0359 2920	NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
11:51:02.0390 2920	Netlogon        (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:51:02.0437 2920	Netlogon ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0437 2920	Netlogon - detected UnsignedFile.Multi.Generic (1)
11:51:02.0484 2920	Netman          (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
11:51:02.0531 2920	Netman ( UnsignedFile.Multi.Generic ) - warning
11:51:02.0531 2920	Netman - detected UnsignedFile.Multi.Generic (1)
11:51:02.0625 2920	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:51:02.0671 2920	NetTcpPortSharing - ok
11:51:02.0921 2920	NIHardwareService (328e366e253b788256956532dfbf8a8a) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
11:51:03.0875 2920	NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
11:51:03.0875 2920	NIHardwareService - detected UnsignedFile.Multi.Generic (1)
11:51:03.0984 2920	Nla             (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
11:51:04.0046 2920	Nla ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0046 2920	Nla - detected UnsignedFile.Multi.Generic (1)
11:51:04.0062 2920	nm              (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
11:51:04.0109 2920	nm ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0109 2920	nm - detected UnsignedFile.Multi.Generic (1)
11:51:04.0125 2920	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:51:04.0187 2920	Npfs ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0187 2920	Npfs - detected UnsignedFile.Multi.Generic (1)
11:51:04.0234 2920	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:51:04.0312 2920	Ntfs ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0312 2920	Ntfs - detected UnsignedFile.Multi.Generic (1)
11:51:04.0343 2920	NtLmSsp         (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:51:04.0390 2920	NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0390 2920	NtLmSsp - detected UnsignedFile.Multi.Generic (1)
11:51:04.0437 2920	NtmsSvc         (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
11:51:04.0531 2920	NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0531 2920	NtmsSvc - detected UnsignedFile.Multi.Generic (1)
11:51:04.0578 2920	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:51:04.0640 2920	Null ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0640 2920	Null - detected UnsignedFile.Multi.Generic (1)
11:51:04.0687 2920	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:51:04.0765 2920	NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0765 2920	NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
11:51:04.0796 2920	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:51:04.0875 2920	NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0875 2920	NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
11:51:04.0890 2920	NwlnkIpx        (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
11:51:04.0984 2920	NwlnkIpx ( UnsignedFile.Multi.Generic ) - warning
11:51:04.0984 2920	NwlnkIpx - detected UnsignedFile.Multi.Generic (1)
11:51:05.0046 2920	NwlnkNb         (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
11:51:05.0125 2920	NwlnkNb ( UnsignedFile.Multi.Generic ) - warning
11:51:05.0125 2920	NwlnkNb - detected UnsignedFile.Multi.Generic (1)
11:51:05.0140 2920	NwlnkSpx        (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
11:51:05.0187 2920	NwlnkSpx ( UnsignedFile.Multi.Generic ) - warning
11:51:05.0187 2920	NwlnkSpx - detected UnsignedFile.Multi.Generic (1)
11:51:05.0218 2920	NwSapAgent      (4b83fcbbe72af5f99d109798653e8b78) C:\WINDOWS\System32\ipxsap.dll
11:51:05.0250 2920	NwSapAgent ( UnsignedFile.Multi.Generic ) - warning
11:51:05.0250 2920	NwSapAgent - detected UnsignedFile.Multi.Generic (1)
11:51:05.0359 2920	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:51:05.0468 2920	odserv - ok
11:51:05.0515 2920	OMCI            (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
11:51:05.0828 2920	OMCI ( UnsignedFile.Multi.Generic ) - warning
11:51:05.0828 2920	OMCI - detected UnsignedFile.Multi.Generic (1)
11:51:05.0859 2920	ose             (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:51:05.0890 2920	ose - ok
11:51:05.0921 2920	Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
11:51:05.0984 2920	Parport ( UnsignedFile.Multi.Generic ) - warning
11:51:05.0984 2920	Parport - detected UnsignedFile.Multi.Generic (1)
11:51:06.0015 2920	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:51:06.0046 2920	PartMgr ( UnsignedFile.Multi.Generic ) - warning
11:51:06.0046 2920	PartMgr - detected UnsignedFile.Multi.Generic (1)
11:51:06.0078 2920	ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
11:51:06.0109 2920	ParVdm ( UnsignedFile.Multi.Generic ) - warning
11:51:06.0109 2920	ParVdm - detected UnsignedFile.Multi.Generic (1)
11:51:06.0187 2920	pcCMService     (bae04007a679893e975a2b75e9e001e9) C:\Program Files\Common Files\Motive\pcCMService.exe
11:51:06.0968 2920	pcCMService ( UnsignedFile.Multi.Generic ) - warning
11:51:06.0968 2920	pcCMService - detected UnsignedFile.Multi.Generic (1)
11:51:07.0000 2920	PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
11:51:07.0062 2920	PCI ( UnsignedFile.Multi.Generic ) - warning
11:51:07.0062 2920	PCI - detected UnsignedFile.Multi.Generic (1)
11:51:07.0062 2920	PCIDump - ok
11:51:07.0062 2920	PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:51:07.0093 2920	PCIIde ( UnsignedFile.Multi.Generic ) - warning
11:51:07.0093 2920	PCIIde - detected UnsignedFile.Multi.Generic (1)
11:51:07.0125 2920	Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:51:07.0156 2920	Pcmcia ( UnsignedFile.Multi.Generic ) - warning
11:51:07.0156 2920	Pcmcia - detected UnsignedFile.Multi.Generic (1)
11:51:07.0203 2920	pcServiceHost   (a792405e6c84c3debc02b1cf29a928f0) C:\Program Files\Common Files\Motive\pcServiceHost.exe
11:51:07.0765 2920	pcServiceHost ( UnsignedFile.Multi.Generic ) - warning
11:51:07.0765 2920	pcServiceHost - detected UnsignedFile.Multi.Generic (1)
11:51:07.0765 2920	PDCOMP - ok
11:51:07.0781 2920	PDFRAME - ok
11:51:07.0781 2920	PDRELI - ok
11:51:07.0796 2920	PDRFRAME - ok
11:51:07.0796 2920	perc2 - ok
11:51:07.0796 2920	perc2hib - ok
11:51:07.0859 2920	phc700          (8a3a05186cc4a9198581a0a09d38e959) C:\WINDOWS\system32\DRIVERS\phc700.sys
11:51:07.0968 2920	phc700 ( UnsignedFile.Multi.Generic ) - warning
11:51:07.0968 2920	phc700 - detected UnsignedFile.Multi.Generic (1)
11:51:08.0015 2920	PlugPlay        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
11:51:08.0046 2920	PlugPlay ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0046 2920	PlugPlay - detected UnsignedFile.Multi.Generic (1)
11:51:08.0078 2920	Pml Driver HPZ12 (5c1cadd1cb67c0b9d8a84ec6e4d6b5cc) C:\WINDOWS\system32\HPZipm12.exe
11:51:08.0156 2920	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0156 2920	Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
11:51:08.0187 2920	PolicyAgent     (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:51:08.0218 2920	PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0218 2920	PolicyAgent - detected UnsignedFile.Multi.Generic (1)
11:51:08.0250 2920	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:51:08.0328 2920	PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0328 2920	PptpMiniport - detected UnsignedFile.Multi.Generic (1)
11:51:08.0328 2920	ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
11:51:08.0359 2920	ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0359 2920	ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
11:51:08.0375 2920	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:51:08.0453 2920	PSched ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0453 2920	PSched - detected UnsignedFile.Multi.Generic (1)
11:51:08.0484 2920	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:51:08.0515 2920	Ptilink ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0515 2920	Ptilink - detected UnsignedFile.Multi.Generic (1)
11:51:08.0515 2920	ql1080 - ok
11:51:08.0531 2920	Ql10wnt - ok
11:51:08.0531 2920	ql12160 - ok
11:51:08.0546 2920	ql1240 - ok
11:51:08.0546 2920	ql1280 - ok
11:51:08.0578 2920	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:51:08.0593 2920	RasAcd ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0593 2920	RasAcd - detected UnsignedFile.Multi.Generic (1)
11:51:08.0625 2920	RasAuto         (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
11:51:08.0671 2920	RasAuto ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0671 2920	RasAuto - detected UnsignedFile.Multi.Generic (1)
11:51:08.0687 2920	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:51:08.0734 2920	Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0734 2920	Rasl2tp - detected UnsignedFile.Multi.Generic (1)
11:51:08.0765 2920	RasMan          (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
11:51:08.0828 2920	RasMan ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0828 2920	RasMan - detected UnsignedFile.Multi.Generic (1)
11:51:08.0859 2920	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:51:08.0906 2920	RasPppoe ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0906 2920	RasPppoe - detected UnsignedFile.Multi.Generic (1)
11:51:08.0937 2920	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:51:08.0984 2920	Raspti ( UnsignedFile.Multi.Generic ) - warning
11:51:08.0984 2920	Raspti - detected UnsignedFile.Multi.Generic (1)
11:51:09.0000 2920	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:51:09.0078 2920	Rdbss ( UnsignedFile.Multi.Generic ) - warning
11:51:09.0078 2920	Rdbss - detected UnsignedFile.Multi.Generic (1)
11:51:09.0109 2920	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:51:09.0125 2920	RDPCDD ( UnsignedFile.Multi.Generic ) - warning
11:51:09.0125 2920	RDPCDD - detected UnsignedFile.Multi.Generic (1)
11:51:09.0171 2920	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
11:51:09.0234 2920	RDPWD ( UnsignedFile.Multi.Generic ) - warning
11:51:09.0234 2920	RDPWD - detected UnsignedFile.Multi.Generic (1)
11:51:09.0265 2920	RDSessMgr       (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
11:51:09.0328 2920	RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
11:51:09.0328 2920	RDSessMgr - detected UnsignedFile.Multi.Generic (1)
11:51:09.0359 2920	redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:51:09.0421 2920	redbook ( UnsignedFile.Multi.Generic ) - warning
11:51:09.0421 2920	redbook - detected UnsignedFile.Multi.Generic (1)
11:51:19.0640 2920	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:51:19.0671 2920	\Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
11:51:19.0671 2920	\Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
11:51:19.0687 2920	\Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:51:19.0687 2920	\Device\Harddisk0\DR0 - detected TDSS File System (1)
11:51:19.0703 2920	Boot (0x1200)   (d3ac40329d33b98e5739d5cdb64920f8) \Device\Harddisk0\DR0\Partition0
11:51:19.0703 2920	\Device\Harddisk0\DR0\Partition0 - ok
11:51:19.0703 2920	============================================================
11:51:19.0703 2920	Scan finished
11:51:19.0703 2920	============================================================
11:51:19.0843 2912	Detected object count: 242
11:51:19.0843 2912	Actual detected object count: 242
11:51:39.0328 2912	Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0328 2912	MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0328 2912	MR97310_USB_DUAL_CAMERA ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	MR97310_USB_DUAL_CAMERA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0328 2912	MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0328 2912	MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0328 2912	MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0328 2912	MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0328 2912	MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0328 2912	MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	Mup ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	NABTSFEC ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	napagent ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	NdisIP ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0343 2912	NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0343 2912	NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	Netman ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	Nla ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	nm ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	nm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0359 2912	Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0359 2912	Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	Null ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	Null ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NwlnkIpx ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NwlnkIpx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NwlnkNb ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NwlnkNb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NwlnkSpx ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NwlnkSpx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	NwSapAgent ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	NwSapAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	OMCI ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	OMCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	Parport ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0375 2912	PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0375 2912	PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	pcCMService ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	pcCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	PCI ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	pcServiceHost ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	pcServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	phc700 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	phc700 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0390 2912	ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0390 2912	ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	PSched ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0406 2912	RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0406 2912	RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	redbook ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	RT73 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	RT73 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	rtl8139 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	rtl8139 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0421 2912	seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0421 2912	seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	senfilt ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	senfilt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	SENS ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	serenum ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	Serial ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	SLIP ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	SLIP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	smwdm ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	smwdm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	splitter ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	sptd ( LockedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0437 2912	sr ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0437 2912	sr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	srservice ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	Srv ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	streamip ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	streamip ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	swenum ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0453 2912	Tcpip6 ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0453 2912	Tcpip6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	TermService ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	Themes ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	TIEHDUSB ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	tunmp ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	tunmp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	Update ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	Update ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	UPS ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0468 2912	USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0468 2912	USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbaudio ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbprint ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbprint ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbsermpt ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbsermpt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbsermptxp ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbsermptxp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0484 2912	usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0484 2912	usbvideo ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	VSS ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	wceusbsh ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	wceusbsh ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	WinRM ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	WinRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0500 2912	WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0500 2912	WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WnsDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WnsDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WS2IFSL ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WS2IFSL ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WSTCODEC ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WSTCODEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WudfRd ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WudfRd ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WudfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WudfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:39.0515 2912	YPCService ( UnsignedFile.Multi.Generic ) - skipped by user
11:51:39.0515 2912	YPCService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:51:40.0203 2912	\Device\Harddisk0\DR0\# - copied to quarantine
11:51:40.0218 2912	\Device\Harddisk0\DR0 - copied to quarantine
11:51:40.0250 2912	\Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
11:51:40.0296 2912	\Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
11:51:40.0296 2912	\Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
11:51:40.0312 2912	\Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
11:51:40.0343 2912	\Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:51:40.0375 2912	\Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:51:40.0390 2912	\Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
11:51:40.0500 2912	\Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
11:51:40.0500 2912	\Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
11:51:40.0515 2912	\Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
11:51:40.0531 2912	\Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
11:51:40.0546 2912	\Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
11:51:40.0562 2912	\Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
11:51:40.0562 2912	\Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
11:51:40.0609 2912	\Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
11:51:40.0609 2912	\Device\Harddisk0\DR0 - ok
11:51:40.0609 2912	\Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 
11:51:40.0609 2912	\Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:51:40.0609 2912	\Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 

  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Re-run TDSSKiller please, with the same parameters as before.
When you get to this element, select Delete:

\Device\Harddisk0\DR0 ( TDSS File System )

Could you post the ComboFix log, please?
  • 0
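The triage behind the reply above, as an added example that is not part of the original thread or of TDSSKiller: it parses log lines in the format posted here, sets aside the unsigned and locked file notices, and lists detections that were left on Skip. The names `triage`, `parse_line` and `LOW_SIGNAL_VERDICTS` are hypothetical, and treating those two verdicts as low-signal is an assumption of this sketch.

```python
import re

# Excerpt of the TDSSKiller log posted in this thread (a tab follows the thread id).
SAMPLE_LOG = "\n".join([
    "11:51:39.0437 2912\tSpooler ( UnsignedFile.Multi.Generic ) - skipped by user",
    "11:51:39.0437 2912\tSpooler ( UnsignedFile.Multi.Generic ) - User select action: Skip ",
    "11:51:39.0437 2912\tsptd ( LockedFile.Multi.Generic ) - skipped by user",
    "11:51:39.0437 2912\tsptd ( LockedFile.Multi.Generic ) - User select action: Skip ",
    "11:51:40.0218 2912\t\\Device\\Harddisk0\\DR0 - copied to quarantine",
    "11:51:40.0312 2912\t\\Device\\Harddisk0\\DR0\\TDLFS\\config.ini - copied to quarantine",
    "11:51:40.0609 2912\t\\Device\\Harddisk0\\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot",
    "11:51:40.0609 2912\t\\Device\\Harddisk0\\DR0 - ok",
    "11:51:40.0609 2912\t\\Device\\Harddisk0\\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure ",
    "11:51:40.0609 2912\t\\Device\\Harddisk0\\DR0 ( TDSS File System ) - skipped by user",
    "11:51:40.0609 2912\t\\Device\\Harddisk0\\DR0 ( TDSS File System ) - User select action: Skip ",
])

# time, thread id, object name, optional "( verdict )", then " - status".
LINE_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\d+)\s+"
    r"(?P<object>.+?)"
    r"(?:\s+\(\s(?P<verdict>[^()]+?)\s\))?"
    r"\s+-\s+(?P<status>.+?)\s*$"
)

# Assumption: these verdicts describe file state (no signature, file locked),
# not a malware family, so they are counted but not treated as detections.
LOW_SIGNAL_VERDICTS = {"UnsignedFile.Multi.Generic", "LockedFile.Multi.Generic"}

ACTION_PREFIX = "User select action: "


def parse_line(line):
    """Return the fields of one log line, or None if it is not in this format."""
    match = LINE_RE.match(line)
    return match.groupdict() if match else None


def triage(log_text):
    """Split a log into low-signal notices, quarantined objects and detections."""
    low_signal = set()
    quarantined = []
    actions = {}  # (object, verdict) -> action chosen by the user, or None
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        obj, verdict, status = rec["object"], rec["verdict"], rec["status"]
        if verdict is None:
            if status == "copied to quarantine":
                quarantined.append(obj)
            continue
        if verdict in LOW_SIGNAL_VERDICTS:
            low_signal.add(obj)
            continue
        key = (obj, verdict)
        actions.setdefault(key, None)
        if status.startswith(ACTION_PREFIX):
            actions[key] = status[len(ACTION_PREFIX):]
    # A detection is unresolved when no action was recorded or it was skipped.
    unresolved = [key for key, action in actions.items() if action in (None, "Skip")]
    return {
        "low_signal_objects": len(low_signal),
        "quarantined": quarantined,
        "actions": actions,
        "unresolved": unresolved,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("low-signal notices:", report["low_signal_objects"])
    for (obj, verdict), action in report["actions"].items():
        print(f"{verdict} on {obj}: {action}")
    for obj, verdict in report["unresolved"]:
        print(f"still needs an action: {verdict} on {obj}")
```
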





