Malwarebytes stopped working [Solved]


#1
younggeeza

  • Member
  • 112 posts
Turned my PC on today and it seemed to be running slowly. In addition, on startup a message was presented to me that usually isn't.

DAEMON Tools Lite
This program requires at least Windows 2000 with SPTD 1.60 or higher. Kernel debugger must be deactivated.

Now when my PC runs slowly I tend to run a scan with Malwarebytes... however, it wasn't open like it normally was, nor could I get it to start, even after uninstalling and installing in safe mode etc.

Also, if I try to go onto the Malwarebytes website, I get this:

Unable to connect
Firefox can't establish a connection to the server at forums.malwarebytes.org.

-------------------------------------------------------------------------------------------------------

OTL logfile created on: 20/10/2012 20:52:01 - Run 11
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 73.79% Memory free
4.84 Gb Paging File | 4.24 Gb Available in Paging File | 87.68% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.93 Gb Total Space | 78.63 Gb Free Space | 34.35% Space Free | Partition Type: NTFS
Drive D: | 3.94 Gb Total Space | 1.01 Gb Free Space | 25.56% Space Free | Partition Type: FAT32

Computer Name: SILVER-LIGHTNIN | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/14 08:39:06 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/12/19 20:08:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL(1).exe
PRC - [2011/07/03 03:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/04/08 10:34:06 | 001,662,976 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/29 02:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 01:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe
PRC - [2003/09/04 11:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/14 08:39:06 | 002,294,240 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/10/09 17:41:49 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2011/11/03 16:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/07/03 03:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2008/10/23 20:25:34 | 000,188,416 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll
MOD - [2006/02/24 12:40:56 | 000,061,440 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinHWStatus.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (MBAMScheduler)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2012/10/14 08:39:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/09/27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/08/07 12:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) [Auto | Running] -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe -- (PCTWPASV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Running] -- -- (Micorsoft Windows Service)
DRV - [2011/09/02 07:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 07:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 07:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/01/04 14:58:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/04/04 00:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/01/21 08:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/09/26 10:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 10:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 10:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 10:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/06/06 10:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 08:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 08:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 08:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/01/25 17:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 23:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 11:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/07/29 21:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/06/10 19:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm1K.sys -- (USBCM)
DRV - [2004/01/29 23:29:04 | 000,350,282 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTELSAP.SYS -- (PRISM_A00)
DRV - [2004/01/15 13:15:06 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2003/11/13 19:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003/11/13 19:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003/11/13 19:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003/11/13 18:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003/11/13 18:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003/11/13 18:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HA10KX2K.SYS -- (ha10kx2k)
DRV - [2003/11/12 21:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTDVDA2K.SYS -- (ctdvda2k)
DRV - [2003/09/19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/04 11:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920) Logitech QuickCam Express(PID_0920)
DRV - [2003/07/18 17:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/10/04 18:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 23:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 13:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 82 4B 6E 8F 86 CD 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.soa-clan.info/forum/"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 23:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 08:39:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/14 19:01:18 | 000,000,000 | ---D | M]

[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/18 14:26:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions
[2009/05/03 16:33:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/06/27 21:04:08 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/10/14 08:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\R774XHI2.DEFAULT\EXTENSIONS\[email protected]
[2012/10/14 08:39:07 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/10/14 08:39:03 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/14 08:39:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 08:39:03 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/14 08:39:03 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 08:39:03 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/10/14 08:39:03 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/12/26 02:29:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - mswsock.dll File not found
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293940326812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231289923359 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F5F5DF-B133-4572-8941-3304DFB16406}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) -C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 09:35:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/10/20 20:39:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 20:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/20 20:29:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/10/20 20:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/10/14 17:47:56 | 000,000,000 | ---D | C] -- C:\Utopia
[2012/10/14 08:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/01/06 23:18:06 | 000,015,429 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm1K.sys
[2003/11/13 18:54:38 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3D.DLL
[2003/03/14 10:33:40 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/20 20:38:36 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2012/10/20 20:35:03 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/10/20 20:34:52 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/10/20 20:33:58 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/20 20:31:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/20 20:31:14 | 3220,557,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/20 20:29:38 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 20:27:34 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/20 20:24:35 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2012/10/20 16:26:53 | 000,511,978 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/20 16:26:52 | 000,091,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/20 05:31:28 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ms.exe
[2012/10/16 11:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/10/14 22:52:20 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Labtec WebCam.lnk
[2012/10/14 17:48:01 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/09 21:55:56 | 000,187,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/06 13:14:57 | 001,597,734 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/09/28 15:18:35 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/20 20:31:14 | 3220,557,824 | -HS- | C] () -- C:\hiberfil.sys
[2012/10/20 20:29:38 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 05:31:28 | 000,100,144 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ms.exe
[2012/10/14 17:48:01 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/06 13:14:57 | 001,597,734 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/07/06 01:47:14 | 000,000,976 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/09/15 03:25:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/26 18:43:55 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Gangsters2Setup.lnk
[2011/01/02 07:13:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/02 06:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/01/02 06:31:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/01/02 06:31:22 | 000,005,116 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/01/02 06:31:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT2870.bin
[2010/12/31 12:33:13 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/12/31 07:57:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/12/31 05:18:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/31 05:14:52 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Hp.ini
[2010/12/31 05:14:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/12/28 11:01:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/28 11:01:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/28 11:01:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/28 11:01:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/28 11:01:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/27 02:18:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/27 02:18:42 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/27 02:18:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/24 00:37:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/06/30 23:33:50 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/07 06:18:13 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss
[2009/01/17 09:23:28 | 000,187,392 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/15 08:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/15 08:19:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/01/15 08:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/01/15 08:19:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/01/15 08:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/15 08:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/01/15 08:19:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/01/15 08:19:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009/01/13 13:44:01 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys
[2009/01/13 13:43:45 | 000,682,280 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/01/08 02:28:29 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/01/08 02:28:28 | 000,138,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/01/08 02:28:22 | 000,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/01/07 01:46:25 | 000,015,387 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/01/07 01:12:29 | 000,000,838 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2009/01/06 23:47:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/06 23:18:06 | 000,135,168 | ---- | C] () -- C:\WINDOWS\UNDPX1K.exe
[2009/01/06 23:18:06 | 000,053,725 | ---- | C] () -- C:\WINDOWS\UNDPX1K.sys
[2009/01/06 23:08:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/10/28 17:40:48 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007/11/06 21:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/01/01 22:27:41 | 000,034,699 | ---- | C] () -- C:\WINDOWS\System32\hlp.dat
[2005/01/01 22:26:23 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/01/01 09:02:02 | 000,103,579 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/01/01 09:02:02 | 000,095,248 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/09/14 00:35:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 04:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 04:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/08/02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/01/02 01:33:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/02 01:19:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/01/02 01:19:48 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/01/02 01:19:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/01/02 01:19:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/01/02 01:19:48 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/01/02 01:19:48 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/01/02 01:08:35 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/02 00:59:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2004/01/02 00:59:48 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/01/02 00:56:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2004/01/02 00:56:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2004/01/02 00:56:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/01/01 16:22:45 | 000,511,978 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/01/01 16:22:45 | 000,091,734 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/01/01 09:46:36 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/01 09:46:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/01 09:46:21 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/01 09:39:05 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/01 09:37:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/01/01 09:33:30 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/01/01 09:32:18 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/01 09:28:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/01 09:27:54 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/12/17 12:55:28 | 000,217,484 | ---- | C] () -- C:\WINDOWS\System32\CTDLANG.DAT
[2003/12/17 12:55:24 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2003/12/17 12:55:18 | 000,264,466 | ---- | C] () -- C:\WINDOWS\System32\CTSBAS2W.DAT
[2003/12/17 12:51:14 | 000,230,201 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2003/12/17 12:51:14 | 000,112,411 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2003/12/17 12:48:18 | 000,298,971 | ---- | C] () -- C:\WINDOWS\System32\CTSTATIC.DAT
[2003/12/17 12:48:10 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\CTDAUGHT.DAT
[2003/11/13 19:21:04 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2003/04/11 00:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/03/31 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/21 18:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2001/06/28 13:05:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[1999/08/10 18:02:20 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[1999/08/10 18:02:16 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2012/04/02 04:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/04 14:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/09 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/01/07 01:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/02 01:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/03/14 18:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/02 15:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/10/19 01:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/12/19 19:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeReturner
[2011/01/04 15:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/01/07 01:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/07/08 04:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2011/01/04 15:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2012/07/23 19:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DDMSettings
[2009/06/25 00:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/02 06:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2010/08/28 23:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Gyrapi
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2010/06/25 18:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Iwli
[2009/01/08 02:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/04/23 21:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2011/07/03 12:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolClient
[2012/06/27 14:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolMatches Client
[2010/06/24 17:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Luokx
[2009/01/07 01:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2010/08/28 20:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Onfo
[2010/07/04 16:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Oxnu
[2009/01/07 01:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2012/09/04 14:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QuickScan
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2012/04/04 17:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SoftChalk
[2011/04/16 19:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sports Interactive
[2009/06/25 19:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer
[2009/03/23 18:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\The Creative Assembly
[2011/08/21 10:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TS3Client
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ubisoft
[2012/08/28 23:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\USMA
[2010/09/05 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ybhuf

========== Purity Check ==========



< End of report >

#2
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hello, younggeeza! :wave:

:welcome: I'm Nedklaw and I'll be glad to help you with your malware issues. :)

These instructions are specifically designed for younggeeza only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:
  • Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
  • Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
  • Be patient with me, logs can take some time to research and my life can mean that I'm busy.
  • Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
  • If I instruct you to download a specific tool that you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is that these tools are updated fairly regularly.
  • NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
  • Refrain from running any other tools apart from the ones I tell you to.
Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.


You're using an old version of OTL and I need you to use the most recent version. Delete your current copy of OTL and:


Step 1

Download OTL to your desktop.

  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
    • Select Scan All Users.
    • Under the Custom Scan box paste this in:
    netsvcs 
    BASESERVICES 
    %SYSTEMDRIVE%\*.exe 
    /md5start 
    services.* 
    explorer.exe 
    winlogon.exe 
    Userinit.exe 
    svchost.exe 
    qmgr.dll
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Step 2

Download aswMBR.exe (4.5MB) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.
If Avast asks to download definitions, please say Yes.


On completion of the scan click save log, save it to your desktop and post it in your next reply.


Things I want to see in your next reply

  • OTL.txt
  • Extras.txt
  • aswMBR.txt


#3
younggeeza

    Member

  • Topic Starter
  • Member
  • 112 posts
OTL

OTL logfile created on: 21/10/2012 03:02:03 - Run 12
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 75.15% Memory free
4.84 Gb Paging File | 4.27 Gb Available in Paging File | 88.13% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.93 Gb Total Space | 78.47 Gb Free Space | 34.28% Space Free | Partition Type: NTFS
Drive D: | 3.94 Gb Total Space | 1.01 Gb Free Space | 25.56% Space Free | Partition Type: FAT32

Computer Name: SILVER-LIGHTNIN | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/14 08:39:06 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/24 03:54:48 | 003,646,976 | ---- | M] () -- C:\Utopia\Angel\Angel.exe
PRC - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/12/19 20:08:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL(1).exe
PRC - [2009/04/08 10:34:06 | 001,662,976 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/29 02:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 01:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe
PRC - [2003/09/04 11:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/14 08:39:06 | 002,294,240 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/10/09 17:41:49 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012/09/24 03:54:48 | 003,646,976 | ---- | M] () -- C:\Utopia\Angel\Angel.exe
MOD - [2009/01/15 08:19:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008/10/23 20:25:34 | 000,188,416 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll
MOD - [2008/09/16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/02/24 12:40:56 | 000,061,440 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinHWStatus.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2012/10/14 08:39:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/09/27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/08/07 12:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) [Auto | Running] -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe -- (PCTWPASV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Running] -- -- (Micorsoft Windows Service)
DRV - [2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/09/02 07:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 07:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 07:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/01/04 14:58:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/04/04 00:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/01/21 08:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/09/26 10:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 10:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 10:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 10:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/06/06 10:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 08:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 08:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 08:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/01/25 17:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 23:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 11:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/07/29 21:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/06/10 19:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm1K.sys -- (USBCM)
DRV - [2004/01/29 23:29:04 | 000,350,282 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTELSAP.SYS -- (PRISM_A00)
DRV - [2004/01/15 13:15:06 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2003/11/13 19:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003/11/13 19:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003/11/13 19:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003/11/13 18:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003/11/13 18:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003/11/13 18:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HA10KX2K.SYS -- (ha10kx2k)
DRV - [2003/11/12 21:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTDVDA2K.SYS -- (ctdvda2k)
DRV - [2003/09/19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/04 11:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920) Logitech QuickCam Express(PID_0920)
DRV - [2003/07/18 17:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/10/04 18:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 23:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 13:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 82 4B 6E 8F 86 CD 01 [binary data]
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.soa-clan.info/forum/"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 23:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 08:39:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/14 19:01:18 | 000,000,000 | ---D | M]

[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/18 14:26:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions
[2009/05/03 16:33:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/06/27 21:04:08 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/10/14 08:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\R774XHI2.DEFAULT\EXTENSIONS\[email protected]
[2012/10/14 08:39:07 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/10/14 08:39:03 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/14 08:39:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 08:39:03 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/14 08:39:03 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 08:39:03 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/10/14 08:39:03 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/12/26 02:29:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - mswsock.dll File not found
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293940326812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231289923359 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F5F5DF-B133-4572-8941-3304DFB16406}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) -C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 09:35:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Sharedaccess - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: BITS - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/20 21:08:09 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:39:04 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 20:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/20 20:29:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/10/20 20:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/10/14 17:47:56 | 000,000,000 | ---D | C] -- C:\Utopia
[2012/10/14 08:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/01/06 23:18:06 | 000,015,429 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm1K.sys
[2003/11/13 18:54:38 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3D.DLL
[2003/03/14 10:33:40 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 21:09:16 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 21:08:23 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:38:36 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2012/10/20 20:35:03 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/10/20 20:34:52 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/10/20 20:33:58 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/20 20:31:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/20 20:31:14 | 3220,557,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/20 20:27:34 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/20 20:24:35 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2012/10/20 16:26:53 | 000,511,978 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/20 16:26:52 | 000,091,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/20 05:31:28 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ms.exe
[2012/10/16 11:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/10/14 22:52:20 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Labtec WebCam.lnk
[2012/10/14 17:48:01 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/09 21:55:56 | 000,187,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/09 21:55:42 | 1287,601,135 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\aca_dillion_harper.wmv
[2012/10/09 19:59:59 | 671,096,309 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1032-GHG_2500kbs_640x480.wmv
[2012/10/06 13:14:57 | 001,597,734 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/28 15:18:35 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/20 20:31:14 | 3220,557,824 | -HS- | C] () -- C:\hiberfil.sys
[2012/10/20 20:29:38 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 05:31:28 | 000,100,144 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ms.exe
[2012/10/14 17:48:01 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/09 19:30:36 | 1287,601,135 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\aca_dillion_harper.wmv
[2012/10/09 19:30:15 | 671,096,309 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\1032-GHG_2500kbs_640x480.wmv
[2012/10/06 13:14:57 | 001,597,734 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/08/30 10:11:11 | 004,503,728 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\nud0repor.pad
[2012/07/06 01:47:14 | 000,000,976 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/09/15 03:25:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/26 18:43:55 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Gangsters2Setup.lnk
[2011/01/02 07:13:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/02 06:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/01/02 06:31:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/01/02 06:31:22 | 000,005,116 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/01/02 06:31:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT2870.bin
[2010/12/31 12:33:13 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/12/31 07:57:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/12/31 05:18:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/31 05:14:52 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Hp.ini
[2010/12/31 05:14:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/12/28 11:01:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/28 11:01:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/28 11:01:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/28 11:01:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/28 11:01:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/27 02:18:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/27 02:18:42 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/27 02:18:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/24 00:37:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/06/30 23:33:50 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/09/07 06:18:13 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss
[2009/01/17 09:23:28 | 000,187,392 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/15 08:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/15 08:19:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2009/01/15 08:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/01/15 08:19:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2009/01/15 08:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/15 08:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/01/15 08:19:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2009/01/15 08:19:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2009/01/13 13:44:01 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys
[2009/01/13 13:43:45 | 000,682,280 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/01/08 02:28:29 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/01/08 02:28:28 | 000,138,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/01/08 02:28:22 | 000,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/01/07 01:46:25 | 000,015,387 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/01/07 01:12:29 | 000,000,838 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2009/01/06 23:47:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/06 23:18:06 | 000,135,168 | ---- | C] () -- C:\WINDOWS\UNDPX1K.exe
[2009/01/06 23:18:06 | 000,053,725 | ---- | C] () -- C:\WINDOWS\UNDPX1K.sys
[2009/01/06 23:08:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/10/28 17:40:48 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007/11/06 21:19:28 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2005/01/01 22:27:41 | 000,034,699 | ---- | C] () -- C:\WINDOWS\System32\hlp.dat
[2005/01/01 22:26:23 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/01/01 09:02:02 | 000,103,579 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/01/01 09:02:02 | 000,095,248 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/09/14 00:35:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 04:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 04:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/08/02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/01/02 01:33:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/02 01:19:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/01/02 01:19:48 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/01/02 01:19:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/01/02 01:19:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/01/02 01:19:48 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/01/02 01:19:48 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/01/02 01:08:35 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/02 00:59:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2004/01/02 00:59:48 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/01/02 00:56:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2004/01/02 00:56:11 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2004/01/02 00:56:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/01/01 16:22:45 | 000,511,978 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/01/01 16:22:45 | 000,091,734 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/01/01 09:46:36 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/01 09:46:36 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/01 09:46:21 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/01 09:39:05 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/01 09:37:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/01/01 09:33:30 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/01/01 09:32:18 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/01 09:28:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/01 09:27:54 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/12/17 12:55:28 | 000,217,484 | ---- | C] () -- C:\WINDOWS\System32\CTDLANG.DAT
[2003/12/17 12:55:24 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2003/12/17 12:55:18 | 000,264,466 | ---- | C] () -- C:\WINDOWS\System32\CTSBAS2W.DAT
[2003/12/17 12:51:14 | 000,230,201 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2003/12/17 12:51:14 | 000,112,411 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2003/12/17 12:48:18 | 000,298,971 | ---- | C] () -- C:\WINDOWS\System32\CTSTATIC.DAT
[2003/12/17 12:48:10 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\CTDAUGHT.DAT
[2003/11/13 19:21:04 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2003/04/11 00:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/03/31 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/21 18:56:12 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2001/06/28 13:05:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[1999/08/10 18:02:20 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[1999/08/10 18:02:16 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 08:56:08 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2009/09/09 17:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\BitTorrent
[2009/06/15 15:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools
[2009/06/15 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Lite
[2009/06/15 15:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Pro
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Intervideo
[2010/07/02 15:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Nokia
[2010/07/02 15:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\PC Suite
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\SampleView
[2011/07/17 13:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Sports Interactive
[2009/03/29 15:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\The Creative Assembly
[2012/08/30 10:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\USMA
[2012/04/02 04:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/04 14:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/09 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/01/07 01:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/02 01:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/03/14 18:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/02 15:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/10/21 01:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/12/19 19:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeReturner
[2011/01/04 15:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/01/07 01:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/07/08 04:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2011/01/04 15:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2012/07/23 19:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DDMSettings
[2009/06/25 00:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/02 06:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2010/08/28 23:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Gyrapi
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2010/06/25 18:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Iwli
[2009/01/08 02:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/04/23 21:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2011/07/03 12:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolClient
[2012/06/27 14:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolMatches Client
[2010/06/24 17:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Luokx
[2009/01/07 01:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2010/08/28 20:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Onfo
[2010/07/04 16:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Oxnu
[2009/01/07 01:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2012/09/04 14:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QuickScan
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2012/04/04 17:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SoftChalk
[2011/04/16 19:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sports Interactive
[2009/06/25 19:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer
[2009/03/23 18:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\The Creative Assembly
[2011/08/21 10:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TS3Client
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ubisoft
[2012/08/28 23:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\USMA
[2010/09/05 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ybhuf
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

========== Purity Check ==========



========== Custom Scans ==========


< BASESERVICES >

< %SYSTEMDRIVE%\*.exe >
[2010/07/18 05:07:56 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe


< MD5 for: EXPLORER.EXE >
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 01:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: QMGR.DLL >
[2004/08/04 01:56:46 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ERDNT\cache\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll

< MD5 for: SERVICES >
[2004/08/04 11:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES._ >
[2004/08/04 04:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\WINDOWS\I386\SERVICES._

< MD5 for: SERVICES.EX_ >
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\0ae355ec290c0214195627\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\2fef26d06df3bd6e71614342972ea362\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\37a389a7417c55ae9b248a8b56e7b756\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\8c16215202919e3ec6535126c0\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\e811c3f246d6b8d2eb\i386\services.ex_
[2004/08/04 04:00:00 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\WINDOWS\I386\SERVICES.EX_

< MD5 for: SERVICES.EXE >
[2009/02/06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 18:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 11:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 01:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SERVICES.EXE.000 >
[2004/08/04 01:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe.000

< MD5 for: SERVICES.LNK >
[2010/12/22 10:26:19 | 000,001,610 | ---- | M] () MD5=1EF7477D561E5BAAE1DE096D2A18FA1D -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/09/03 09:39:55 | 000,000,511 | ---- | M] () MD5=6F1305BDFC8357139FFB817A8ED8CAB7 -- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\NDHRRK2F\mochiads.com\services.mochiads.com.sol
[2012/10/09 10:25:18 | 000,000,531 | ---- | M] () MD5=8CDF232D9A35200952A23D51405514C6 -- C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\T8ZG5RPJ\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MS_ >
[2004/08/04 04:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\WINDOWS\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >
[2003/03/31 13:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc

< MD5 for: SERVICES.SBS >
[2009/04/07 08:00:12 | 000,029,828 | ---- | M] () MD5=CF7223D957510997BCE31F5856AC95BD -- C:\Program Files\Spybot - Search & Destroy\Includes(2)\Services.sbs

< MD5 for: SVCHOST.EXE >
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/04 01:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 01:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 01:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< End of report >


AN EXTRA FILE DIDN'T POP UP


--------------------------------------------------------------------------------------------------------

When I click on that link for the download I get this.

Unable to connect
Firefox can't establish a connection to the server at public.avast.com.

I did already have aswMBR available though. It wouldn't let me download the latest definitions however.


aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2012-10-21 03:18:26
-----------------------------
03:18:26.828 OS Version: Windows 5.1.2600 Service Pack 3
03:18:26.828 Number of processors: 2 586 0x401
03:18:26.843 ComputerName: SILVER-LIGHTNIN UserName: Compaq_Owner
03:18:27.609 Initialize success
03:18:32.046 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
03:18:32.046 Disk 0 Vendor: WDC_WD2500JD-00HBB0 08.02D08 Size: 238475MB BusType: 3
03:18:34.078 Disk 0 MBR read successfully
03:18:34.078 Disk 0 MBR scan
03:18:34.078 Disk 0 Windows XP default MBR code
03:18:34.093 Disk 0 Partition 1 00 0B FAT32 RECOVERY 4038 MB offset 63
03:18:34.093 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 234426 MB offset 8270640
03:18:34.093 Disk 0 scanning sectors +488376000
03:18:34.171 Disk 0 scanning C:\WINDOWS\system32\drivers
03:18:42.265 Service scanning
03:18:43.015 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
03:18:43.546 Modules scanning
03:18:51.953 Disk 0 trace - called modules:
03:18:51.968 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys spkr.sys hal.dll >>UNKNOWN [0x8b53b938]<<
03:18:51.968 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b446ab8]
03:18:51.968 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8b593030]
03:18:51.968 Scan finished successfully
03:19:04.406 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat"
03:19:04.406 The log file has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.txt"

Thanks for the help so far!

#4
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
You're still using an old version of OTL. You need to delete your current copy and download the newest version from here.

After downloading the newest version (3.2.69.0) to your desktop, please follow the instructions in my previous post to perform a scan.

#5
younggeeza

    Member

  • Topic Starter
  • Member
  • 112 posts
Ah sorry - here ya go.

OTL logfile created on: 22/10/2012 11:56:09 - Run 14
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.42 Gb Available Physical Memory | 80.70% Memory free
4.84 Gb Paging File | 4.42 Gb Available in Paging File | 91.40% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.93 Gb Total Space | 77.25 Gb Free Space | 33.74% Space Free | Partition Type: NTFS
Drive D: | 3.94 Gb Total Space | 1.01 Gb Free Space | 25.56% Space Free | Partition Type: FAT32

Computer Name: SILVER-LIGHTNIN | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/22 11:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2012/09/24 03:54:48 | 003,646,976 | ---- | M] () -- C:\Utopia\Angel\Angel.exe
PRC - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/07/03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/04/08 10:34:06 | 001,662,976 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
PRC - [2008/08/07 12:17:30 | 000,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008/08/05 15:11:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008/08/05 15:10:58 | 000,120,320 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/29 02:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 01:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe
PRC - [2003/09/04 11:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/24 03:54:48 | 003,646,976 | ---- | M] () -- C:\Utopia\Angel\Angel.exe
MOD - [2009/01/15 08:19:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008/10/23 20:25:34 | 000,188,416 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll
MOD - [2008/09/16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/08/05 15:11:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
MOD - [2008/08/05 15:10:58 | 000,120,320 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
MOD - [2006/02/24 12:40:56 | 000,061,440 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinHWStatus.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 08:39:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/09/27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/08/07 12:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) [Auto | Running] -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe -- (PCTWPASV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20040813.178\symidsco.sys -- (SYMIDSCO)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Safe Returner\RegKernelHelp.sys -- (RegKernelHelp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Running] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys -- (Micorsoft Windows Service)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\el90xbc5.sys -- (EL90XBC)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a8amt3vy)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0pxejky)
DRV - [2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/09/02 07:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 07:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 07:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/01/04 14:58:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/04 00:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/01/21 08:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/09/26 10:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 10:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 10:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 10:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/06/06 10:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 08:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 08:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 08:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/01/25 17:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 23:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 11:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/07/29 21:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/06/10 19:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm1K.sys -- (USBCM)
DRV - [2004/01/29 23:29:04 | 000,350,282 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTELSAP.SYS -- (PRISM_A00)
DRV - [2004/01/15 13:15:06 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2003/11/13 19:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003/11/13 19:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003/11/13 19:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003/11/13 18:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003/11/13 18:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003/11/13 18:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HA10KX2K.SYS -- (ha10kx2k)
DRV - [2003/11/12 21:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTDVDA2K.SYS -- (ctdvda2k)
DRV - [2003/09/19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/04 11:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920)
DRV - [2003/07/18 17:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/10/04 18:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 23:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 13:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 82 4B 6E 8F 86 CD 01 [binary data]
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{A344D54B-1871-43A7-8EC5-E567C418D4C8}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.soa-clan.info/forum/"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledAddons: [email protected]:0.801
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 23:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 08:39:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/14 19:01:18 | 000,000,000 | ---D | M]

[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/18 14:26:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions
[2009/05/03 16:33:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/06/27 21:04:08 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/04/03 13:24:58 | 000,004,234 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/10/18 14:26:19 | 000,239,323 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/07/26 18:01:55 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/14 08:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/14 08:39:07 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/10/14 08:39:03 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/14 08:39:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 08:39:03 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/14 08:39:03 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 08:39:03 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/10/14 08:39:03 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/12/26 02:29:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - mswsock.dll File not found
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293940326812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231289923359 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F5F5DF-B133-4572-8941-3304DFB16406}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 09:35:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/22 11:45:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/20 21:08:09 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:39:04 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 20:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/20 20:29:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/10/20 20:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/10/14 17:47:56 | 000,000,000 | ---D | C] -- C:\Utopia
[2012/10/14 08:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/22 11:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 21:09:16 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 21:08:23 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:38:36 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2012/10/20 20:35:03 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/10/20 20:34:52 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/10/20 20:33:58 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/20 20:31:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/20 20:31:14 | 3220,557,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/20 20:27:34 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/20 20:24:35 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2012/10/20 16:26:53 | 000,511,978 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/20 16:26:52 | 000,091,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/20 05:31:28 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ms.exe
[2012/10/16 11:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/10/14 22:52:20 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Labtec WebCam.lnk
[2012/10/14 17:48:01 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/09 21:55:56 | 000,187,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/06 13:14:57 | 001,597,734 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/28 15:18:35 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/20 20:31:14 | 3220,557,824 | -HS- | C] () -- C:\hiberfil.sys
[2012/10/20 20:29:38 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 05:31:28 | 000,100,144 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\ms.exe
[2012/10/14 17:48:01 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/06 13:14:57 | 001,597,734 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/08/22 20:39:59 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_cl_runescape_LIVE.dat
[2012/07/06 01:47:14 | 000,000,976 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/09/15 03:25:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/26 18:43:55 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Gangsters2Setup.lnk
[2011/01/02 07:13:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/02 06:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/01/02 06:31:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/01/02 06:31:22 | 000,005,116 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/01/02 06:31:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT2870.bin
[2010/12/31 12:33:13 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/12/31 07:57:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/12/31 05:18:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/31 05:14:52 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Hp.ini
[2010/12/31 05:14:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/12/28 11:01:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/28 11:01:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/28 11:01:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/28 11:01:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/28 11:01:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/27 02:18:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/27 02:18:42 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/27 02:18:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/24 00:37:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/09/07 06:18:13 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss
[2009/06/05 05:29:51 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences.dat
[2009/01/17 09:23:28 | 000,187,392 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/13 13:44:01 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys
[2009/01/06 23:08:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2012/10/02 01:59:26 | 000,002,048 | -HS- | M] () -- C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\@
[2012/09/03 12:30:30 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\L
[2012/10/09 17:28:36 | 000,000,000 | -HSD | M] -- C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U
[2012/09/04 11:23:14 | 000,000,804 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\L\00000004.@
[2012/10/09 17:26:41 | 000,002,048 | -HS- | M] () -- C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\@
[2012/09/03 12:30:12 | 000,000,000 | -HSD | M] -- C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\L
[2012/09/03 12:30:12 | 000,000,000 | -HSD | M] -- C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\U
[2004/01/01 09:53:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012/06/08 15:26:20 | 008,462,848 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/11/01 21:35:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2009/09/09 17:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\BitTorrent
[2009/06/15 15:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools
[2009/06/15 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Lite
[2009/06/15 15:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Pro
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Intervideo
[2010/07/02 15:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Nokia
[2010/07/02 15:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\PC Suite
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\SampleView
[2011/07/17 13:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Sports Interactive
[2009/03/29 15:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\The Creative Assembly
[2012/08/30 10:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\USMA
[2012/04/02 04:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/04 14:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/09 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/01/07 01:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/02 01:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/03/14 18:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/02 15:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/10/21 01:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/12/19 19:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeReturner
[2011/01/04 15:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/01/07 01:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/07/08 04:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2011/01/04 15:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2012/07/23 19:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DDMSettings
[2009/06/25 00:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/02 06:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2010/08/28 23:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Gyrapi
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2010/06/25 18:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Iwli
[2009/01/08 02:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/04/23 21:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2011/07/03 12:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolClient
[2012/06/27 14:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolMatches Client
[2010/06/24 17:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Luokx
[2009/01/07 01:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2010/08/28 20:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Onfo
[2010/07/04 16:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Oxnu
[2009/01/07 01:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2012/09/04 14:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QuickScan
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2012/04/04 17:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SoftChalk
[2011/04/16 19:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sports Interactive
[2009/06/25 19:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer
[2009/03/23 18:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\The Creative Assembly
[2011/08/21 10:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TS3Client
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ubisoft
[2012/08/28 23:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\USMA
[2010/09/05 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ybhuf
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV - [2008/04/14 01:12:12 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\alg.exe -- (ALG)
No service found with a name of wuauserv
No service found with a name of BITS
SRV - [2012/07/06 14:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 01:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 01:11:51 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 18:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 01:11:52 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 01:12:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/14 01:11:54 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 01:12:22 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 01:11:52 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 01:12:17 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 01:12:17 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 01:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 17:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 01:12:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 01:12:03 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 13:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 01:12:02 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 01:12:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 01:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
No service found with a name of wscsvc
SRV - [2010/08/27 06:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 01:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 01:12:05 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 01:11:56 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 01:12:07 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 01:12:07 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 01:12:38 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 01:11:50 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
No service found with a name of SharedAccess
SRV - [2008/04/14 01:12:08 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 01:12:28 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 01:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
No service found with a name of Wmi
SRV - [2008/04/14 01:11:52 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 01:12:11 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 07:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >
[2010/07/18 05:07:56 | 000,552,960 | R--- | M] (OldTimer Tools) -- C:\OTLPE.exe

< MD5 for: EXPLORER.EXE >
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 01:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: QMGR.DLL >
[2004/08/04 01:56:46 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\WINDOWS\$NtServicePackUninstall$\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ERDNT\cache\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\ServicePackFiles\i386\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\bits\qmgr.dll
[2008/04/14 01:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\WINDOWS\system32\qmgr.dll

< MD5 for: SERVICES >
[2004/08/04 11:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services

< MD5 for: SERVICES._ >
[2004/08/04 04:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\WINDOWS\I386\SERVICES._

< MD5 for: SERVICES.EX_ >
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\0ae355ec290c0214195627\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\2fef26d06df3bd6e71614342972ea362\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\37a389a7417c55ae9b248a8b56e7b756\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\8c16215202919e3ec6535126c0\i386\services.ex_
[2004/08/04 01:56:56 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\e811c3f246d6b8d2eb\i386\services.ex_
[2004/08/04 04:00:00 | 000,049,955 | ---- | M] () MD5=85A738BA493104ED103B26CADEB8B543 -- C:\WINDOWS\I386\SERVICES.EX_

< MD5 for: SERVICES.EXE >
[2009/02/06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/14 01:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 18:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 11:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
[2004/08/04 01:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SERVICES.EXE.000 >
[2004/08/04 01:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe.000

< MD5 for: SERVICES.LNK >
[2010/12/22 10:26:19 | 000,001,610 | ---- | M] () MD5=1EF7477D561E5BAAE1DE096D2A18FA1D -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/09/03 09:39:55 | 000,000,511 | ---- | M] () MD5=6F1305BDFC8357139FFB817A8ED8CAB7 -- C:\Documents and Settings\Compaq_Owner\Application Data\Macromedia\Flash Player\#SharedObjects\NDHRRK2F\mochiads.com\services.mochiads.com.sol
[2012/10/09 10:25:18 | 000,000,531 | ---- | M] () MD5=8CDF232D9A35200952A23D51405514C6 -- C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\T8ZG5RPJ\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MS_ >
[2004/08/04 04:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\WINDOWS\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >
[2003/03/31 13:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc

< MD5 for: SERVICES.SBS >
[2009/04/07 08:00:12 | 000,029,828 | ---- | M] () MD5=CF7223D957510997BCE31F5856AC95BD -- C:\Program Files\Spybot - Search & Destroy\Includes(2)\Services.sbs

< MD5 for: SVCHOST.EXE >
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/04 01:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 01:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 01:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< End of report >
  • 0

#6
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
You have the ZeroAccess infection, so let's get rid of it.


Step 1

If you have the paid version of Malwarebytes 1.6 or later installed, please disable it for the duration of this run.

To disable MBAM

Open the scanner and select the Protection tab.
Remove the tick from Start protection module with Windows.
Reboot and then run OTL.


Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :Commands 
    [CREATERESTOREPOINT] 
    
    :OTL 
    DRV - File not found [Kernel | Disabled | Running] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys -- (Micorsoft Windows Service)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a8amt3vy)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0pxejky)
    O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
    [2012/10/20 05:31:28 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ms.exe
    [2010/08/28 23:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Gyrapi
    [2010/06/25 18:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Iwli
    [2010/06/24 17:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Luokx
    [2010/08/28 20:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Onfo
    [2010/07/04 16:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Oxnu
    [2010/09/05 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ybhuf
    [14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    
    :Files
    C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv
    C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b
    C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b
    ipconfig /flushdns /c
    
    :Commands 
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • If no log appears upon reboot, the OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Delete your current copy of ComboFix and download it again from one of these locations:

Link 1
Link 2
Link 3


IMPORTANT!!! You need to Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you are still unsure on how to do this, see here.
  • Double click on ComboFix.exe & follow the prompts.

  • Please be patient and don't use the PC whilst it is scanning.
  • When finished, it shall produce a log for you. Please copy & paste the contents of this log at C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get this error "Illegal operation attempted on a registry key that has been marked for deletion" then reboot, that will cure it.



Step 3

Please download the latest version of TDSSKiller from here and save it to your desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

  • Put a checkmark beside Loaded modules.

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure is selected, then click Continue --> Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents in your next reply.


Step 4

Please download Farbar Service Scanner and transfer it to the computer with the internet issue. Double click the file to run it.

  • Tick "All" of the options.

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Things I want to see in your next reply

  • OTL Fix Log
  • OTL.txt
  • ComboFix.txt
  • TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • FSS.txt

  • 0
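
The fix log requested in Step 1 reports one outcome per line, and the few lines where OTL found nothing to act on are easy to lose among temp-file deletions. The following is an added example, not part of the original post and not OTL's own code: a Python triage of such a log, run over a constructed sample. The function names and sample paths are assumptions; the line patterns follow the log wording seen in this thread.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of an OTL fix log; every name and path is a placeholder.
SAMPLE_LOG = r"""All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service ExampleSvc stopped successfully!
Service\Driver key ExampleSvc not found.
File C:\Temp\example.sys not found.
Error: No service named examplesvc2 was found to stop!
Registry value HKEY_USERS\S-1-5-21-0-0-0-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Example deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Example\ not found.
C:\Documents and Settings\User\example.exe moved successfully.
C:\WINDOWS\000001_.tmp deleted successfully.
C:\WINDOWS\EX1.TMP\a.chm deleted successfully.
C:\WINDOWS\EX1.TMP folder deleted successfully.
========== FILES ==========
File\Folder C:\Documents and Settings\User\Local Settings\Application Data\example not found.
C:\RECYCLER\S-1-5-18\$example\U folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========== COMMANDS ==========

[EMPTYTEMP]

User: Example
->Temp folder emptied: 1024 bytes
->Temporary Internet Files folder emptied: 134 bytes
"""

SECTION_RE = re.compile(r"^=+ (?P<name>[A-Z ]+) =+$")
USER_RE = re.compile(r"^User: (?P<user>.+)$")
EMPTIED_RE = re.compile(r"^->.+? emptied: (?P<bytes>\d+) bytes$")

# Checked in order; the first pattern that matches decides the outcome.
OUTCOMES = [
    ("error", re.compile(r"^Error: ")),
    ("not_found", re.compile(r" not found\.$")),
    ("stopped", re.compile(r" stopped successfully!$")),
    ("moved", re.compile(r" moved successfully\.$")),
    ("deleted", re.compile(r" deleted successfully\.$")),
]


def triage(log_text):
    """Return {section: {outcome: [lines]}} for every line that states an outcome."""
    result = defaultdict(lambda: defaultdict(list))
    section = "PREAMBLE"
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        for outcome, pattern in OUTCOMES:
            if pattern.search(line):
                result[section][outcome].append(line)
                break
    return result


def needs_review(log_text):
    """(section, line) pairs where the fix did not act: errors and absent targets."""
    return [
        (section, line)
        for section, outcomes in triage(log_text).items()
        for key in ("error", "not_found")
        for line in outcomes.get(key, [])
    ]


def emptied_bytes(log_text):
    """Total bytes reported as emptied per user in the [EMPTYTEMP] part of the log."""
    totals, user = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        match = USER_RE.match(line)
        if match:
            user = match.group("user")
            totals.setdefault(user, 0)
            continue
        match = EMPTIED_RE.match(line)
        if match and user is not None:
            totals[user] += int(match.group("bytes"))
    return totals


if __name__ == "__main__":
    for section, line in needs_review(SAMPLE_LOG):
        print(f"[{section}] {line}")
    for user, total in emptied_bytes(SAMPLE_LOG).items():
        print(f"{user}: {total} bytes emptied")
```

A "not found" line only means OTL could not see that item when the fix ran, so those lines are the ones to compare against the later scan logs.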

#7
younggeeza

    Member

  • Topic Starter
  • Member
  • 112 posts
OTL FIX LOG

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service Micorsoft Windows Service stopped successfully!
Service\Driver key Micorsoft Windows Service not found.
File C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys not found.
Error: No service named a8amt3vy was found to stop!
Service\Driver key a8amt3vy not found.
Error: No service named a0pxejky was found to stop!
Service\Driver key a0pxejky not found.
Registry value HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Run\\HphSwemj deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe deleted successfully.
C:\Documents and Settings\Compaq_Owner\ms.exe moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Gyrapi folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Iwli folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Luokx folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Onfo folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Oxnu folder moved successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\Ybhuf folder moved successfully.
========== FILES ==========
File\Folder C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv not found.
C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U folder moved successfully.
C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\L folder moved successfully.
C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b folder moved successfully.
C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\U folder moved successfully.
C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\L folder moved successfully.
C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Compaq_Owner\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Compaq_Owner\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 134 bytes

User: Alex
->Temp folder emptied: 1499660 bytes
->Temporary Internet Files folder emptied: 8460404 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 541442014 bytes
->Flash cache emptied: 19040 bytes

User: All Users

User: Compaq_Owner
->Temp folder emptied: 3786207075 bytes
->Temporary Internet Files folder emptied: 88120052 bytes
->Java cache emptied: 599350 bytes
->FireFox cache emptied: 1133654539 bytes
->Flash cache emptied: 421915 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 462884223 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 21885 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 488308580 bytes
->Java cache emptied: 909 bytes
->Flash cache emptied: 42746 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18270299 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 113816698 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 6,336.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10232012_230237

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_768.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

---------------------------------------------------------------------------------------------------------------------------------------

OTL.txt

OTL logfile created on: 23/10/2012 23:21:51 - Run 15
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 80.44% Memory free
4.84 Gb Paging File | 4.45 Gb Available in Paging File | 91.97% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.93 Gb Total Space | 82.37 Gb Free Space | 35.98% Space Free | Partition Type: NTFS
Drive D: | 3.94 Gb Total Space | 1.01 Gb Free Space | 25.56% Space Free | Partition Type: FAT32

Computer Name: SILVER-LIGHTNIN | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/22 11:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2012/10/14 08:39:06 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/07/03 03:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/04/08 10:34:06 | 001,662,976 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/29 02:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 01:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe
PRC - [2003/09/04 11:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/14 08:39:06 | 002,294,240 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/03 03:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2008/10/23 20:25:34 | 000,188,416 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll
MOD - [2008/09/16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/02/24 12:40:56 | 000,061,440 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinHWStatus.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 08:39:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/09/27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/08/07 12:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) [Auto | Running] -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe -- (PCTWPASV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20040813.178\symidsco.sys -- (SYMIDSCO)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Safe Returner\RegKernelHelp.sys -- (RegKernelHelp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Running] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys -- (Micorsoft Windows Service)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\el90xbc5.sys -- (EL90XBC)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ahru8icz)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (afydi3mo)
DRV - [2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/02 07:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 07:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 07:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/01/04 14:58:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/04 00:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/01/21 08:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/09/26 10:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 10:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 10:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 10:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/06/06 10:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 08:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 08:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 08:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/01/25 17:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 23:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 11:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/07/29 21:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/06/10 19:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm1K.sys -- (USBCM)
DRV - [2004/01/29 23:29:04 | 000,350,282 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTELSAP.SYS -- (PRISM_A00)
DRV - [2004/01/15 13:15:06 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2003/11/13 19:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003/11/13 19:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003/11/13 19:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003/11/13 18:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003/11/13 18:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003/11/13 18:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HA10KX2K.SYS -- (ha10kx2k)
DRV - [2003/11/12 21:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTDVDA2K.SYS -- (ctdvda2k)
DRV - [2003/09/19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/04 11:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920)
DRV - [2003/07/18 17:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/10/04 18:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 23:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 13:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 82 4B 6E 8F 86 CD 01 [binary data]
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{A344D54B-1871-43A7-8EC5-E567C418D4C8}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.soa-clan.info/forum/"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledAddons: [email protected]:0.801
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 23:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 08:39:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/14 19:01:18 | 000,000,000 | ---D | M]

[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/23 18:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions
[2009/05/03 16:33:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/06/27 21:04:08 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/04/03 13:24:58 | 000,004,234 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/10/18 14:26:19 | 000,239,323 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/07/26 18:01:55 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/14 08:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/14 08:39:07 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/10/14 08:39:03 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/14 08:39:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 08:39:03 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/14 08:39:03 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 08:39:03 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/10/14 08:39:03 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/12/26 02:29:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - mswsock.dll File not found
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293940326812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231289923359 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F5F5DF-B133-4572-8941-3304DFB16406}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 09:35:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/23 23:20:24 | 000,694,323 | ---- | C] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\FSS.exe
[2012/10/23 23:00:14 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
[2012/10/22 11:45:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/20 21:08:09 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:39:04 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 20:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/20 20:29:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/10/20 20:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/10/14 17:47:56 | 000,000,000 | ---D | C] -- C:\Utopia
[2012/10/14 08:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2012/10/23 23:18:12 | 000,694,323 | ---- | M] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\FSS.exe
[2012/10/23 23:17:39 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/10/23 23:17:31 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/10/23 23:16:44 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/23 23:16:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/23 23:16:23 | 3220,557,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/23 22:59:42 | 000,609,880 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\cbsidlm-tr1_7-Combofix-ORG2-75221073.exe
[2012/10/22 13:11:24 | 000,188,416 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/22 11:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 21:09:16 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 21:08:23 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:38:36 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2012/10/20 20:27:34 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/20 20:24:35 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2012/10/20 16:26:53 | 000,511,978 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/20 16:26:52 | 000,091,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/16 11:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/10/14 22:52:20 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Labtec WebCam.lnk
[2012/10/14 17:48:01 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/06 13:14:57 | 001,597,734 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/28 15:18:35 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

========== Files Created - No Company Name ==========

[2012/10/23 22:59:39 | 000,609,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\cbsidlm-tr1_7-Combofix-ORG2-75221073.exe
[2012/10/20 20:31:14 | 3220,557,824 | -HS- | C] () -- C:\hiberfil.sys
[2012/10/20 20:29:38 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/14 17:48:01 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/06 13:14:57 | 001,597,734 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/08/22 20:39:59 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_cl_runescape_LIVE.dat
[2012/07/06 01:47:14 | 000,000,976 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/09/15 03:25:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/26 18:43:55 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Gangsters2Setup.lnk
[2011/01/02 07:13:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/02 06:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/01/02 06:31:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/01/02 06:31:22 | 000,005,116 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/01/02 06:31:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT2870.bin
[2010/12/31 12:33:13 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/12/31 07:57:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/12/31 05:18:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/31 05:14:52 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Hp.ini
[2010/12/31 05:14:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/12/28 11:01:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/28 11:01:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/28 11:01:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/28 11:01:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/28 11:01:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/27 02:18:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/27 02:18:42 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/27 02:18:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/24 00:37:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/09/07 06:18:13 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss
[2009/06/05 05:29:51 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences.dat
[2009/01/17 09:23:28 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/13 13:44:01 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys
[2009/01/06 23:08:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/01/01 09:53:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012/06/08 15:26:20 | 008,462,848 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/11/01 21:35:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2009/09/09 17:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\BitTorrent
[2009/06/15 15:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools
[2009/06/15 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Lite
[2009/06/15 15:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Pro
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Intervideo
[2010/07/02 15:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Nokia
[2010/07/02 15:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\PC Suite
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\SampleView
[2011/07/17 13:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Sports Interactive
[2009/03/29 15:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\The Creative Assembly
[2012/08/30 10:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\USMA
[2012/04/02 04:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/04 14:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/09 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/01/07 01:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/02 01:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/03/14 18:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/02 15:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/10/21 01:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/12/19 19:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeReturner
[2011/01/04 15:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/01/07 01:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/07/08 04:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2011/01/04 15:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2012/07/23 19:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DDMSettings
[2009/06/25 00:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/02 06:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2009/01/08 02:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/04/23 21:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2011/07/03 12:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolClient
[2012/06/27 14:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolMatches Client
[2009/01/07 01:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2009/01/07 01:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2012/09/04 14:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QuickScan
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2012/04/04 17:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SoftChalk
[2011/04/16 19:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sports Interactive
[2009/06/25 19:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer
[2009/03/23 18:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\The Creative Assembly
[2011/08/21 10:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TS3Client
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ubisoft
[2012/08/28 23:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\USMA
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

========== Purity Check ==========



< End of report >
---------------------------------------------------------------------------------------------------------------------------------------

ComboFix.txt

I can't get ComboFix to run. It turns on for about half a second and then turns back off.

---------------------------------------------------------------------------------------------------------------------------------------

TDSSKiller

23:40:33.0078 3784 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
23:40:35.0093 3784 ============================================================
23:40:35.0093 3784 Current date / time: 2012/10/23 23:40:35.0093
23:40:35.0093 3784 SystemInfo:
23:40:35.0093 3784
23:40:35.0093 3784 OS Version: 5.1.2600 ServicePack: 3.0
23:40:35.0093 3784 Product type: Workstation
23:40:35.0125 3784 ComputerName: SILVER-LIGHTNIN
23:40:35.0140 3784 UserName: Compaq_Owner
23:40:35.0140 3784 Windows directory: C:\WINDOWS
23:40:35.0140 3784 System windows directory: C:\WINDOWS
23:40:35.0140 3784 Processor architecture: Intel x86
23:40:35.0140 3784 Number of processors: 2
23:40:35.0140 3784 Page size: 0x1000
23:40:35.0140 3784 Boot type: Normal boot
23:40:35.0140 3784 ============================================================
23:40:40.0234 3784 BG loaded
23:40:41.0640 3784 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
23:40:41.0906 3784 ============================================================
23:40:41.0906 3784 \Device\Harddisk0\DR0:
23:40:41.0906 3784 MBR partitions:
23:40:41.0906 3784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7E32F1
23:40:41.0906 3784 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7E3330, BlocksNum 0x1C9DD390
23:40:41.0906 3784 ============================================================
23:40:42.0062 3784 C: <-> \Device\Harddisk0\DR0\Partition2
23:40:42.0109 3784 D: <-> \Device\Harddisk0\DR0\Partition1
23:40:42.0156 3784 ============================================================
23:40:42.0156 3784 Initialize success
23:40:42.0156 3784 ============================================================
23:43:17.0625 2548 ============================================================
23:43:17.0625 2548 Scan started
23:43:17.0625 2548 Mode: Manual; SigCheck; TDLFS;
23:43:17.0625 2548 ============================================================
23:43:18.0984 2548 ================ Scan system memory ========================
23:43:18.0984 2548 System memory - ok
23:43:18.0984 2548 ================ Scan services =============================
23:43:19.0140 2548 Abiosdsk - ok
23:43:19.0140 2548 abp480n5 - ok
23:43:19.0203 2548 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:43:20.0921 2548 ACPI - ok
23:43:20.0968 2548 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
23:43:21.0109 2548 ACPIEC - ok
23:43:21.0125 2548 [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511 C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
23:43:21.0171 2548 ADM8511 - ok
23:43:21.0187 2548 adpu160m - ok
23:43:21.0218 2548 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
23:43:21.0359 2548 aec - ok
23:43:21.0406 2548 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
23:43:21.0421 2548 AegisP ( UnsignedFile.Multi.Generic ) - warning
23:43:21.0421 2548 AegisP - detected UnsignedFile.Multi.Generic (1)
23:43:21.0468 2548 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
23:43:21.0531 2548 AFD - ok
23:43:21.0625 2548 [ 994A42D273C35B43EE9D1E8A5D8BC639 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
23:43:21.0703 2548 AgereSoftModem - ok
23:43:21.0718 2548 Aha154x - ok
23:43:21.0718 2548 aic78u2 - ok
23:43:21.0734 2548 aic78xx - ok
23:43:21.0765 2548 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
23:43:21.0875 2548 Alerter - ok
23:43:21.0906 2548 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
23:43:22.0015 2548 ALG - ok
23:43:22.0031 2548 AliIde - ok
23:43:22.0078 2548 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
23:43:22.0265 2548 AmdK7 - ok
23:43:22.0265 2548 amsint - ok
23:43:22.0406 2548 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
23:43:22.0421 2548 Apple Mobile Device - ok
23:43:22.0421 2548 AppMgmt - ok
23:43:22.0453 2548 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:43:22.0578 2548 Arp1394 - ok
23:43:22.0593 2548 asc - ok
23:43:22.0593 2548 asc3350p - ok
23:43:22.0609 2548 asc3550 - ok
23:43:22.0718 2548 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:43:22.0734 2548 aspnet_state - ok
23:43:22.0765 2548 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:43:22.0890 2548 AsyncMac - ok
23:43:22.0921 2548 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
23:43:23.0046 2548 atapi - ok
23:43:23.0062 2548 Atdisk - ok
23:43:23.0078 2548 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:43:23.0187 2548 Atmarpc - ok
23:43:23.0234 2548 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
23:43:23.0375 2548 AudioSrv - ok
23:43:23.0406 2548 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
23:43:23.0546 2548 audstub - ok
23:43:23.0593 2548 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:43:23.0734 2548 Beep - ok
23:43:23.0781 2548 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:43:23.0796 2548 Bonjour Service - ok
23:43:23.0812 2548 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys
23:43:23.0953 2548 Bridge - ok
23:43:23.0953 2548 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys
23:43:24.0062 2548 BridgeMP - ok
23:43:24.0109 2548 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
23:43:24.0156 2548 Browser - ok
23:43:24.0156 2548 catchme - ok
23:43:24.0187 2548 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
23:43:24.0328 2548 cbidf2k - ok
23:43:24.0343 2548 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:43:24.0468 2548 CCDECODE - ok
23:43:24.0468 2548 cd20xrnt - ok
23:43:24.0500 2548 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
23:43:24.0656 2548 Cdaudio - ok
23:43:24.0687 2548 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
23:43:24.0828 2548 Cdfs - ok
23:43:24.0859 2548 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:43:25.0000 2548 Cdrom - ok
23:43:25.0015 2548 Changer - ok
23:43:25.0046 2548 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\WINDOWS\system32\cisvc.exe
23:43:25.0187 2548 cisvc - ok
23:43:25.0218 2548 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
23:43:25.0359 2548 ClipSrv - ok
23:43:25.0437 2548 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:43:25.0453 2548 clr_optimization_v2.0.50727_32 - ok
23:43:25.0500 2548 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:43:25.0515 2548 clr_optimization_v4.0.30319_32 - ok
23:43:25.0531 2548 CmdIde - ok
23:43:25.0531 2548 COMSysApp - ok
23:43:25.0546 2548 Cpqarray - ok
23:43:25.0578 2548 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
23:43:25.0718 2548 CryptSvc - ok
23:43:25.0781 2548 [ A5E67327B49E1F4341D470D8BBCBC401 ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys
23:43:25.0828 2548 ctac32k ( UnsignedFile.Multi.Generic ) - warning
23:43:25.0828 2548 ctac32k - detected UnsignedFile.Multi.Generic (1)
23:43:25.0859 2548 [ 29F78D59B053CB8778F8426E4E24099C ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys
23:43:25.0875 2548 ctdvda2k ( UnsignedFile.Multi.Generic ) - warning
23:43:25.0875 2548 ctdvda2k - detected UnsignedFile.Multi.Generic (1)
23:43:25.0921 2548 [ C7FC5D87B06207A5D34697B627826618 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys
23:43:25.0937 2548 ctprxy2k ( UnsignedFile.Multi.Generic ) - warning
23:43:25.0937 2548 ctprxy2k - detected UnsignedFile.Multi.Generic (1)
23:43:25.0953 2548 [ 2C0AF71CF0E1224A2DFC2B67E63B02B1 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys
23:43:25.0968 2548 ctsfm2k ( UnsignedFile.Multi.Generic ) - warning
23:43:25.0968 2548 ctsfm2k - detected UnsignedFile.Multi.Generic (1)
23:43:25.0968 2548 dac2w2k - ok
23:43:25.0984 2548 dac960nt - ok
23:43:26.0031 2548 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:43:26.0078 2548 DcomLaunch - ok
23:43:26.0156 2548 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
23:43:26.0281 2548 Dhcp - ok
23:43:26.0312 2548 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
23:43:26.0453 2548 Disk - ok
23:43:26.0468 2548 dmadmin - ok
23:43:26.0531 2548 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
23:43:26.0703 2548 dmboot - ok
23:43:26.0718 2548 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
23:43:26.0843 2548 dmio - ok
23:43:26.0859 2548 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
23:43:26.0984 2548 dmload - ok
23:43:27.0015 2548 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
23:43:27.0125 2548 dmserver - ok
23:43:27.0156 2548 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
23:43:27.0296 2548 DMusic - ok
23:43:27.0343 2548 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:43:27.0390 2548 Dnscache - ok
23:43:27.0406 2548 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
23:43:27.0546 2548 Dot3svc - ok
23:43:27.0546 2548 dpti2o - ok
23:43:27.0578 2548 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
23:43:27.0687 2548 drmkaud - ok
23:43:27.0703 2548 EagleXNt - ok
23:43:27.0734 2548 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
23:43:27.0843 2548 EapHost - ok
23:43:27.0859 2548 EL90XBC - ok
23:43:27.0875 2548 [ 091D37E0F5193F708C9006B1F2E23EE4 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys
23:43:27.0875 2548 emupia ( UnsignedFile.Multi.Generic ) - warning
23:43:27.0875 2548 emupia - detected UnsignedFile.Multi.Generic (1)
23:43:27.0906 2548 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
23:43:28.0046 2548 ERSvc - ok
23:43:28.0093 2548 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
23:43:28.0125 2548 Eventlog - ok
23:43:28.0171 2548 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
23:43:28.0187 2548 EventSystem - ok
23:43:28.0218 2548 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
23:43:28.0359 2548 Fastfat - ok
23:43:28.0390 2548 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:43:28.0515 2548 FastUserSwitchingCompatibility - ok
23:43:28.0578 2548 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
23:43:28.0734 2548 Fax - ok
23:43:28.0796 2548 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
23:43:28.0953 2548 Fdc - ok
23:43:28.0984 2548 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
23:43:29.0109 2548 Fips - ok
23:43:29.0125 2548 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:43:29.0250 2548 Flpydisk - ok
23:43:29.0281 2548 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:43:29.0406 2548 FltMgr - ok
23:43:29.0531 2548 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:43:29.0546 2548 FontCache3.0.0.0 - ok
23:43:29.0562 2548 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:43:29.0703 2548 Fs_Rec - ok
23:43:29.0718 2548 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:43:29.0843 2548 Ftdisk - ok
23:43:29.0890 2548 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:43:29.0906 2548 GEARAspiWDM - ok
23:43:29.0937 2548 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:43:30.0078 2548 Gpc - ok
23:43:30.0109 2548 [ 1AD88BCF3D043BAA58C15EB262625F9B ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys
23:43:30.0171 2548 ha10kx2k ( UnsignedFile.Multi.Generic ) - warning
23:43:30.0187 2548 ha10kx2k - detected UnsignedFile.Multi.Generic (1)
23:43:30.0203 2548 [ 8FF42F63C722A1DD4C91FF6A497FD6B2 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys
23:43:30.0203 2548 hap16v2k ( UnsignedFile.Multi.Generic ) - warning
23:43:30.0203 2548 hap16v2k - detected UnsignedFile.Multi.Generic (1)
23:43:30.0234 2548 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:43:30.0375 2548 HDAudBus - ok
23:43:30.0500 2548 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:43:30.0625 2548 helpsvc - ok
23:43:30.0671 2548 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
23:43:30.0812 2548 HidServ - ok
23:43:30.0828 2548 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:43:30.0968 2548 HidUsb - ok
23:43:31.0046 2548 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
23:43:31.0203 2548 hkmsvc - ok
23:43:31.0218 2548 hpn - ok
23:43:31.0281 2548 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
23:43:31.0343 2548 HTTP - ok
23:43:31.0375 2548 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
23:43:31.0500 2548 HTTPFilter - ok
23:43:31.0515 2548 i2omgmt - ok
23:43:31.0515 2548 i2omp - ok
23:43:31.0546 2548 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:43:31.0687 2548 i8042prt - ok
23:43:31.0750 2548 [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
23:43:31.0812 2548 ialm - ok
23:43:31.0875 2548 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:43:31.0890 2548 IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:43:31.0890 2548 IDriverT - detected UnsignedFile.Multi.Generic (1)
23:43:31.0984 2548 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:43:32.0046 2548 idsvc - ok
23:43:32.0046 2548 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
23:43:32.0171 2548 Imapi - ok
23:43:32.0203 2548 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
23:43:32.0343 2548 ImapiService - ok
23:43:32.0359 2548 ini910u - ok
23:43:32.0453 2548 [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:43:32.0578 2548 IntcAzAudAddService - ok
23:43:32.0625 2548 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
23:43:32.0750 2548 IntelIde - ok
23:43:32.0781 2548 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:43:32.0890 2548 intelppm - ok
23:43:32.0921 2548 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
23:43:33.0046 2548 Ip6Fw - ok
23:43:33.0078 2548 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:43:33.0203 2548 IpFilterDriver - ok
23:43:33.0234 2548 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:43:33.0359 2548 IpInIp - ok
23:43:33.0390 2548 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:43:33.0531 2548 IpNat - ok
23:43:33.0578 2548 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:43:33.0609 2548 iPod Service - ok
23:43:33.0640 2548 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:43:33.0781 2548 IPSec - ok
23:43:33.0812 2548 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
23:43:33.0937 2548 IRENUM - ok
23:43:33.0968 2548 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:43:34.0093 2548 isapnp - ok
23:43:34.0140 2548 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
23:43:34.0140 2548 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
23:43:34.0140 2548 Iviaspi - detected UnsignedFile.Multi.Generic (1)
23:43:34.0281 2548 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
23:43:34.0296 2548 JavaQuickStarterService - ok
23:43:34.0343 2548 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:43:34.0468 2548 Kbdclass - ok
23:43:34.0484 2548 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:43:34.0593 2548 kbdhid - ok
23:43:34.0625 2548 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
23:43:34.0765 2548 kmixer - ok
23:43:34.0796 2548 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
23:43:34.0859 2548 KSecDD - ok
23:43:34.0875 2548 [ DC61F15187372D164769C841655E58F3 ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
23:43:35.0171 2548 L8042Kbd - ok
23:43:35.0250 2548 [ CB6E007D3A67CB80EE9DF2AFD4B0FC9D ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
23:43:35.0296 2548 L8042mou - ok
23:43:35.0343 2548 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
23:43:35.0421 2548 lanmanserver - ok
23:43:35.0500 2548 [ A8888A5327621856C0CEC4E385F69309 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:43:35.0546 2548 LanmanWorkstation - ok
23:43:35.0609 2548 [ BE2DC24D403643A2D1D98F33C7087B38 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
23:43:35.0625 2548 LBeepKE - ok
23:43:35.0640 2548 lbrtfdc - ok
23:43:35.0734 2548 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
23:43:35.0750 2548 LBTServ - ok
23:43:35.0796 2548 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
23:43:35.0812 2548 LHidFilt - ok
23:43:35.0859 2548 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
23:43:36.0000 2548 LmHosts - ok
23:43:36.0000 2548 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
23:43:36.0015 2548 LMouFilt - ok
23:43:36.0046 2548 [ 58597A99792461E89BB5C44E17508D70 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
23:43:36.0062 2548 LMouKE - ok
23:43:36.0093 2548 [ 0DEC219CB6EFCBC872F88F9AEC320EA6 ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
23:43:36.0109 2548 LUsbFilt - ok
23:43:36.0156 2548 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
23:43:36.0171 2548 MBAMProtector - ok
23:43:36.0281 2548 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:43:36.0312 2548 MBAMScheduler - ok
23:43:36.0343 2548 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
23:43:36.0359 2548 MBAMSwissArmy - ok
23:43:36.0406 2548 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:43:36.0531 2548 Messenger - ok
23:43:36.0671 2548 Micorsoft Windows Service - ok
23:43:36.0750 2548 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:43:36.0765 2548 Microsoft Office Groove Audit Service - ok
23:43:36.0796 2548 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:43:36.0937 2548 mnmdd - ok
23:43:36.0984 2548 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:43:37.0125 2548 mnmsrvc - ok
23:43:37.0171 2548 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:43:37.0296 2548 Modem - ok
23:43:37.0328 2548 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:43:37.0468 2548 Mouclass - ok
23:43:37.0500 2548 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:43:37.0656 2548 mouhid - ok
23:43:37.0687 2548 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:43:37.0812 2548 MountMgr - ok
23:43:37.0843 2548 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:43:37.0859 2548 MozillaMaintenance - ok
23:43:37.0875 2548 mraid35x - ok
23:43:37.0906 2548 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:43:38.0015 2548 MRxDAV - ok
23:43:38.0062 2548 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:43:38.0125 2548 MRxSmb - ok
23:43:38.0187 2548 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:43:38.0296 2548 MSDTC - ok
23:43:38.0312 2548 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:43:38.0437 2548 Msfs - ok
23:43:38.0437 2548 MSIServer - ok
23:43:38.0453 2548 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:43:38.0562 2548 MSKSSRV - ok
23:43:38.0578 2548 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:43:38.0703 2548 MSPCLOCK - ok
23:43:38.0718 2548 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:43:38.0828 2548 MSPQM - ok
23:43:38.0859 2548 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:43:38.0984 2548 mssmbios - ok
23:43:39.0000 2548 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:43:39.0125 2548 MSTEE - ok
23:43:39.0156 2548 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:43:39.0218 2548 Mup - ok
23:43:39.0281 2548 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:43:39.0421 2548 NABTSFEC - ok
23:43:39.0468 2548 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
23:43:39.0593 2548 napagent - ok
23:43:39.0625 2548 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:43:39.0750 2548 NDIS - ok
23:43:39.0781 2548 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:43:39.0906 2548 NdisIP - ok
23:43:39.0937 2548 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:43:39.0968 2548 NdisTapi - ok
23:43:39.0984 2548 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:43:40.0109 2548 Ndisuio - ok
23:43:40.0140 2548 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:43:40.0281 2548 NdisWan - ok
23:43:40.0312 2548 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:43:40.0343 2548 NDProxy - ok
23:43:40.0343 2548 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:43:40.0468 2548 NetBIOS - ok
23:43:40.0484 2548 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:43:40.0625 2548 NetBT - ok
23:43:40.0656 2548 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
23:43:40.0796 2548 NetDDE - ok
23:43:40.0796 2548 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:43:40.0906 2548 NetDDEdsdm - ok
23:43:40.0937 2548 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:43:41.0046 2548 Netlogon - ok
23:43:41.0078 2548 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
23:43:41.0203 2548 Netman - ok
23:43:41.0234 2548 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:43:41.0250 2548 NetTcpPortSharing - ok
23:43:41.0296 2548 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:43:41.0421 2548 NIC1394 - ok
23:43:41.0468 2548 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
23:43:41.0515 2548 Nla - ok
23:43:41.0546 2548 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
23:43:41.0671 2548 nm - ok
23:43:41.0687 2548 [ B4E87D4F40C57D036E821BD06DB1D1B7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
23:43:42.0296 2548 nmwcd - ok
23:43:42.0406 2548 [ BEE0ADDF01D62725DDC2CC113D6B374C ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
23:43:42.0484 2548 nmwcdc - ok
23:43:42.0562 2548 [ 6623E51595C0076755C29C00846C4EB2 ] NPF C:\WINDOWS\system32\drivers\npf.sys
23:43:42.0578 2548 NPF - ok
23:43:42.0593 2548 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:43:42.0734 2548 Npfs - ok
23:43:42.0781 2548 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:43:42.0921 2548 Ntfs - ok
23:43:42.0953 2548 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
23:43:43.0062 2548 NtLmSsp - ok
23:43:43.0109 2548 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:43:43.0265 2548 NtmsSvc - ok
23:43:43.0296 2548 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
23:43:43.0312 2548 NuidFltr - ok
23:43:43.0328 2548 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
23:43:43.0515 2548 Null - ok
23:43:43.0765 2548 [ 9E143FB3EF13B7EC1C1DD06529DEBADD ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:43:43.0968 2548 nv - ok
23:43:44.0000 2548 [ 1633409E67F1BD6E5AC8ECB9CD5D2027 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
23:43:44.0031 2548 NVSvc - ok
23:43:44.0062 2548 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:43:44.0187 2548 NwlnkFlt - ok
23:43:44.0203 2548 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:43:44.0343 2548 NwlnkFwd - ok
23:43:44.0468 2548 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:43:44.0500 2548 odserv - ok
23:43:44.0531 2548 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:43:44.0671 2548 ohci1394 - ok
23:43:45.0968 2548 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:43:45.0984 2548 ose - ok
23:43:46.0031 2548 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
23:43:46.0187 2548 Parport - ok
23:43:46.0234 2548 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:43:46.0406 2548 PartMgr - ok
23:43:46.0437 2548 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:43:46.0625 2548 ParVdm - ok
23:43:46.0656 2548 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
23:43:46.0703 2548 pccsmcfd - ok
23:43:46.0734 2548 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:43:46.0921 2548 PCI - ok
23:43:46.0937 2548 PCIDump - ok
23:43:46.0968 2548 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
23:43:47.0187 2548 PCIIde - ok
23:43:47.0218 2548 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:43:47.0406 2548 Pcmcia - ok
23:43:47.0421 2548 [ A05145D98D8F74D8CA7E251C1E1B274D ] PCTINDIS5 C:\WINDOWS\System32\PCTINDIS5.SYS
23:43:47.0437 2548 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - warning
23:43:47.0437 2548 PCTINDIS5 - detected UnsignedFile.Multi.Generic (1)
23:43:47.0468 2548 [ 53B518B36FF81CB21334E43237B7B461 ] PCTWPASV C:\Program Files\Arcadyan Wireless\pctwpasv.exe
23:43:47.0500 2548 PCTWPASV ( UnsignedFile.Multi.Generic ) - warning
23:43:47.0500 2548 PCTWPASV - detected UnsignedFile.Multi.Generic (1)
23:43:47.0515 2548 PDCOMP - ok
23:43:47.0515 2548 PDFRAME - ok
23:43:47.0531 2548 PDRELI - ok
23:43:47.0531 2548 PDRFRAME - ok
23:43:47.0546 2548 perc2 - ok
23:43:47.0562 2548 perc2hib - ok
23:43:47.0609 2548 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
23:43:47.0640 2548 Pfc ( UnsignedFile.Multi.Generic ) - warning
23:43:47.0640 2548 Pfc - detected UnsignedFile.Multi.Generic (1)
23:43:47.0671 2548 [ 2F81E367875C5D7D6F05454BA84D27A9 ] PID_0920 C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
23:43:47.0750 2548 PID_0920 - ok
23:43:47.0781 2548 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
23:43:47.0812 2548 PlugPlay - ok
23:43:47.0828 2548 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:43:48.0015 2548 PolicyAgent - ok
23:43:48.0062 2548 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:43:48.0203 2548 PptpMiniport - ok
23:43:48.0265 2548 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00 C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
23:43:48.0328 2548 PRISM_A00 - ok
23:43:48.0375 2548 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
23:43:48.0562 2548 Processor - ok
23:43:48.0562 2548 PROCEXP151 - ok
23:43:48.0593 2548 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:43:48.0796 2548 ProtectedStorage - ok
23:43:48.0812 2548 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
23:43:48.0843 2548 Ps2 - ok
23:43:48.0859 2548 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
23:43:49.0062 2548 PSched - ok
23:43:49.0078 2548 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:43:49.0296 2548 Ptilink - ok
23:43:49.0328 2548 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:43:49.0343 2548 PxHelp20 - ok
23:43:49.0359 2548 ql1080 - ok
23:43:49.0359 2548 Ql10wnt - ok
23:43:49.0375 2548 ql12160 - ok
23:43:49.0375 2548 ql1240 - ok
23:43:49.0390 2548 ql1280 - ok
23:43:49.0390 2548 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:43:49.0609 2548 RasAcd - ok
23:43:49.0640 2548 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:43:49.0843 2548 RasAuto - ok
23:43:49.0875 2548 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:43:50.0078 2548 Rasl2tp - ok
23:43:50.0125 2548 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:43:50.0312 2548 RasMan - ok
23:43:50.0328 2548 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:43:50.0531 2548 RasPppoe - ok
23:43:50.0546 2548 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:43:50.0750 2548 Raspti - ok
23:43:50.0796 2548 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:43:50.0937 2548 Rdbss - ok
23:43:50.0968 2548 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:43:51.0109 2548 RDPCDD - ok
23:43:51.0171 2548 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:43:51.0218 2548 RDPWD - ok
23:43:51.0265 2548 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:43:51.0375 2548 RDSessMgr - ok
23:43:51.0421 2548 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:43:51.0546 2548 redbook - ok
23:43:51.0562 2548 RegKernelHelp - ok
23:43:51.0593 2548 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:43:51.0718 2548 RemoteAccess - ok
23:43:51.0750 2548 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
23:43:51.0796 2548 RimUsb - ok
23:43:51.0812 2548 [ E51A8D02B4BD33EBA1F7A5B76C3766ED ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
23:43:51.0828 2548 rpcapd - ok
23:43:51.0859 2548 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
23:43:51.0968 2548 RpcLocator - ok
23:43:52.0000 2548 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
23:43:52.0031 2548 RpcSs - ok
23:43:52.0093 2548 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
23:43:52.0250 2548 RSVP - ok
23:43:52.0328 2548 [ E2E588D92C8E151CD3515EE09FEC90E2 ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
23:43:52.0375 2548 rt2870 - ok
23:43:52.0421 2548 [ 67C9511A760149797E806FFD9F14AD37 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
23:43:52.0500 2548 RTL8023xp - ok
23:43:52.0531 2548 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
23:43:52.0562 2548 rtl8139 - ok
23:43:52.0593 2548 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
23:43:52.0703 2548 SamSs - ok
23:43:52.0718 2548 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:43:52.0859 2548 SCardSvr - ok
23:43:52.0937 2548 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:43:53.0062 2548 Schedule - ok
23:43:53.0109 2548 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:43:53.0218 2548 Secdrv - ok
23:43:53.0250 2548 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:43:53.0390 2548 seclogon - ok
23:43:53.0421 2548 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
23:43:53.0546 2548 SENS - ok
23:43:53.0562 2548 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:43:53.0687 2548 serenum - ok
23:43:53.0718 2548 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:43:53.0843 2548 Serial - ok
23:43:53.0953 2548 [ 277D0890E10584C216BCCFA4EF6B9B3D ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23:43:54.0000 2548 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
23:43:54.0000 2548 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
23:43:54.0046 2548 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:43:54.0171 2548 Sfloppy - ok
23:43:54.0203 2548 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:43:54.0218 2548 ShellHWDetection - ok
23:43:54.0234 2548 Simbad - ok
23:43:54.0281 2548 [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys
23:43:54.0328 2548 SiS315 - ok
23:43:54.0375 2548 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
23:43:54.0421 2548 SISAGP - ok
23:43:54.0453 2548 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys
23:43:54.0484 2548 SiSkp - ok
23:43:54.0500 2548 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:43:54.0625 2548 SLIP - ok
23:43:54.0671 2548 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
23:43:54.0781 2548 SNMP - ok
23:43:54.0828 2548 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
23:43:54.0937 2548 SNMPTRAP - ok
23:43:54.0953 2548 Sparrow - ok
23:43:54.0984 2548 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:43:55.0109 2548 splitter - ok
23:43:55.0156 2548 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:43:55.0187 2548 Spooler - ok
23:43:55.0265 2548 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
23:43:55.0265 2548 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
23:43:55.0265 2548 sptd ( LockedFile.Multi.Generic ) - warning
23:43:55.0265 2548 sptd - detected LockedFile.Multi.Generic (1)
23:43:55.0281 2548 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:43:55.0406 2548 sr - ok
23:43:55.0453 2548 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
23:43:55.0593 2548 srservice - ok
23:43:55.0625 2548 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:43:55.0671 2548 Srv - ok
23:43:55.0703 2548 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:43:55.0812 2548 SSDPSRV - ok
23:43:55.0875 2548 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:43:55.0984 2548 stisvc - ok
23:43:56.0031 2548 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:43:56.0140 2548 streamip - ok
23:43:56.0171 2548 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:43:56.0296 2548 swenum - ok
23:43:56.0328 2548 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:43:56.0453 2548 swmidi - ok
23:43:56.0468 2548 SwPrv - ok
23:43:56.0468 2548 symc810 - ok
23:43:56.0484 2548 symc8xx - ok
23:43:56.0500 2548 SYMIDSCO - ok
23:43:56.0515 2548 sym_hi - ok
23:43:56.0515 2548 sym_u3 - ok
23:43:56.0562 2548 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:43:56.0687 2548 sysaudio - ok
23:43:56.0734 2548 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:43:56.0843 2548 SysmonLog - ok
23:43:56.0875 2548 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:43:57.0000 2548 TapiSrv - ok
23:43:57.0046 2548 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:43:57.0093 2548 Tcpip - ok
23:43:57.0125 2548 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:43:57.0296 2548 TDPIPE - ok
23:43:57.0312 2548 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:43:57.0437 2548 TDTCP - ok
23:43:57.0468 2548 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:43:57.0578 2548 TermDD - ok
23:43:57.0609 2548 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:43:57.0734 2548 TermService - ok
23:43:57.0765 2548 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:43:57.0781 2548 Themes - ok
23:43:57.0796 2548 TosIde - ok
23:43:57.0796 2548 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:43:57.0937 2548 TrkWks - ok
23:43:57.0968 2548 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:43:58.0093 2548 Udfs - ok
23:43:58.0093 2548 ultra - ok
23:43:58.0140 2548 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:43:58.0281 2548 Update - ok
23:43:58.0296 2548 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:43:58.0421 2548 upnphost - ok
23:43:58.0453 2548 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
23:43:58.0500 2548 upperdev - ok
23:43:58.0531 2548 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:43:58.0656 2548 UPS - ok
23:43:58.0687 2548 [ C1CA131F4E3ED63D6BC89A35FFAD4CDA ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
23:43:58.0718 2548 USBAAPL - ok
23:43:58.0750 2548 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
23:43:58.0859 2548 usbaudio - ok
23:43:58.0890 2548 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:43:59.0015 2548 usbccgp - ok
23:43:59.0046 2548 [ D21CDE1C635BCC5053463579EEE453CF ] USBCM C:\WINDOWS\system32\DRIVERS\Sacm1K.sys
23:43:59.0062 2548 USBCM ( UnsignedFile.Multi.Generic ) - warning
23:43:59.0062 2548 USBCM - detected UnsignedFile.Multi.Generic (1)
23:43:59.0093 2548 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:43:59.0218 2548 usbehci - ok
23:43:59.0234 2548 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:43:59.0343 2548 usbhub - ok
23:43:59.0453 2548 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:43:59.0593 2548 usbohci - ok
23:43:59.0609 2548 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
23:43:59.0718 2548 usbser - ok
23:43:59.0750 2548 [ EB2D3830646E393776E1EF98AC76A43D ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
23:43:59.0796 2548 UsbserFilt - ok
23:43:59.0828 2548 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:43:59.0953 2548 USBSTOR - ok
23:43:59.0984 2548 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:44:00.0109 2548 usbuhci - ok
23:44:00.0156 2548 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:44:00.0265 2548 VgaSave - ok
23:44:00.0265 2548 viaagp1 - ok
23:44:00.0312 2548 [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
23:44:00.0343 2548 viagfx - ok
23:44:00.0359 2548 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
23:44:00.0468 2548 ViaIde - ok
23:44:00.0500 2548 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:44:00.0625 2548 VolSnap - ok
23:44:00.0687 2548 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:44:00.0796 2548 VSS - ok
23:44:00.0828 2548 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
23:44:00.0937 2548 W32Time - ok
23:44:00.0953 2548 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:44:01.0078 2548 Wanarp - ok
23:44:01.0125 2548 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:44:01.0156 2548 Wdf01000 - ok
23:44:01.0156 2548 WDICA - ok
23:44:01.0203 2548 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:44:01.0328 2548 wdmaud - ok
23:44:01.0359 2548 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:44:01.0484 2548 WebClient - ok
23:44:01.0562 2548 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:44:01.0671 2548 winmgmt - ok
23:44:01.0718 2548 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:44:01.0781 2548 WmdmPmSN - ok
23:44:01.0812 2548 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
23:44:01.0937 2548 WmiApSrv - ok
23:44:02.0031 2548 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:44:02.0093 2548 WMPNetworkSvc - ok
23:44:02.0218 2548 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:44:02.0250 2548 WPFFontCache_v0400 - ok
23:44:02.0296 2548 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:44:02.0421 2548 WSTCODEC - ok
23:44:02.0453 2548 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:44:02.0515 2548 WudfPf - ok
23:44:02.0546 2548 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:44:02.0562 2548 WudfRd - ok
23:44:02.0593 2548 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
23:44:02.0625 2548 WudfSvc - ok
23:44:02.0703 2548 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:44:02.0843 2548 WZCSVC - ok
23:44:02.0859 2548 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:44:02.0984 2548 xmlprov - ok
23:44:03.0015 2548 ================ Scan global ===============================
23:44:03.0046 2548 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:44:03.0093 2548 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:44:03.0109 2548 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:44:03.0125 2548 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:44:03.0125 2548 [Global] - ok
23:44:03.0125 2548 ================ Scan MBR ==================================
23:44:03.0156 2548 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:44:03.0328 2548 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:44:03.0328 2548 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:44:03.0328 2548 ================ Scan VBR ==================================
23:44:03.0343 2548 [ 26805FF309E9E2B363680EA1812DD695 ] \Device\Harddisk0\DR0\Partition1
23:44:03.0343 2548 \Device\Harddisk0\DR0\Partition1 - ok
23:44:03.0343 2548 [ 51BF0B28FBEEDDA7E13FD57DBFCA86D2 ] \Device\Harddisk0\DR0\Partition2
23:44:03.0343 2548 \Device\Harddisk0\DR0\Partition2 - ok
23:44:03.0343 2548 ================ Scan active images ========================
23:44:03.0343 2548 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
23:44:03.0343 2548 C:\WINDOWS\system32\drivers\processr.sys - ok
23:44:03.0359 2548 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
23:44:03.0359 2548 C:\WINDOWS\system32\drivers\videoprt.sys - ok
23:44:03.0359 2548 [ 9E143FB3EF13B7EC1C1DD06529DEBADD ] C:\WINDOWS\system32\drivers\nv4_mini.sys
23:44:03.0359 2548 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
23:44:03.0359 2548 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
23:44:03.0359 2548 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
23:44:03.0375 2548 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
23:44:03.0375 2548 C:\WINDOWS\system32\drivers\usbport.sys - ok
23:44:03.0375 2548 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
23:44:03.0375 2548 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
23:44:03.0375 2548 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
23:44:03.0375 2548 C:\WINDOWS\system32\drivers\usbehci.sys - ok
23:44:03.0390 2548 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
23:44:03.0390 2548 C:\WINDOWS\system32\drivers\nic1394.sys - ok
23:44:03.0390 2548 [ 67C9511A760149797E806FFD9F14AD37 ] C:\WINDOWS\system32\drivers\Rtnicxp.sys
23:44:03.0390 2548 C:\WINDOWS\system32\drivers\Rtnicxp.sys - ok
23:44:03.0390 2548 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] C:\WINDOWS\system32\drivers\PCTELSAP.SYS
23:44:03.0390 2548 C:\WINDOWS\system32\drivers\PCTELSAP.SYS - ok
23:44:03.0406 2548 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
23:44:03.0406 2548 C:\WINDOWS\system32\drivers\ks.sys - ok
23:44:03.0406 2548 [ 994A42D273C35B43EE9D1E8A5D8BC639 ] C:\WINDOWS\system32\drivers\AGRSM.sys
23:44:03.0406 2548 C:\WINDOWS\system32\drivers\AGRSM.sys - ok
23:44:03.0406 2548 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
23:44:03.0406 2548 C:\WINDOWS\system32\drivers\usbd.sys - ok
23:44:03.0421 2548 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
23:44:03.0421 2548 C:\WINDOWS\system32\drivers\modem.sys - ok
23:44:03.0421 2548 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
23:44:03.0421 2548 C:\WINDOWS\system32\drivers\parport.sys - ok
23:44:03.0421 2548 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
23:44:03.0421 2548 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
23:44:03.0437 2548 [ 9B793A1FFD480155FE9EE5261153F21B ] C:\WINDOWS\system32\drivers\PS2.sys
23:44:03.0437 2548 C:\WINDOWS\system32\drivers\PS2.sys - ok
23:44:03.0437 2548 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
23:44:03.0437 2548 C:\WINDOWS\system32\drivers\imapi.sys - ok
23:44:04.0718 2548 C:\WINDOWS\system32\hidserv.dll - ok
23:44:04.0718 2548 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
23:44:04.0718 2548 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
23:44:04.0718 2548 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
23:44:04.0718 2548 C:\WINDOWS\system32\hid.dll - ok
23:44:04.0734 2548 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
23:44:04.0734 2548 C:\WINDOWS\system32\odbcbcp.dll - ok
23:44:04.0734 2548 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
23:44:04.0734 2548 C:\WINDOWS\system32\pdh.dll - ok
23:44:04.0734 2548 [ BE2DC24D403643A2D1D98F33C7087B38 ] C:\WINDOWS\system32\drivers\LBeepKE.sys
23:44:04.0734 2548 C:\WINDOWS\system32\drivers\LBeepKE.sys - ok
23:44:04.0750 2548 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
23:44:04.0750 2548 C:\WINDOWS\system32\srvsvc.dll - ok
23:44:04.0750 2548 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:44:04.0750 2548 C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
23:44:04.0750 2548 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
23:44:04.0750 2548 C:\WINDOWS\system32\netmsg.dll - ok
23:44:04.0765 2548 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
23:44:04.0765 2548 C:\WINDOWS\system32\drivers\srv.sys - ok
23:44:04.0765 2548 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
23:44:04.0765 2548 C:\WINDOWS\system32\perfos.dll - ok
23:44:04.0765 2548 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
23:44:04.0765 2548 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
23:44:04.0781 2548 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
23:44:04.0781 2548 C:\WINDOWS\system32\perfdisk.dll - ok
23:44:04.0781 2548 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
23:44:04.0781 2548 C:\WINDOWS\system32\drivers\cdfs.sys - ok
23:44:04.0781 2548 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
23:44:04.0781 2548 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
23:44:04.0796 2548 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
23:44:04.0796 2548 C:\WINDOWS\system32\spoolss.dll - ok
23:44:04.0796 2548 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
23:44:04.0796 2548 C:\WINDOWS\system32\localspl.dll - ok
23:44:04.0796 2548 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
23:44:04.0796 2548 C:\WINDOWS\system32\cnbjmon.dll - ok
23:44:04.0812 2548 [ CC6292CA575E851E5B74BF8883AB967A ] C:\WINDOWS\system32\fxsmon.dll
23:44:04.0812 2548 C:\WINDOWS\system32\fxsmon.dll - ok
23:44:04.0812 2548 [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
23:44:04.0812 2548 C:\WINDOWS\system32\fxsevent.dll - ok
23:44:04.0812 2548 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
23:44:04.0812 2548 C:\WINDOWS\system32\msonpmon.dll - ok
23:44:04.0828 2548 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
23:44:04.0828 2548 C:\WINDOWS\system32\pjlmon.dll - ok
23:44:04.0828 2548 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
23:44:04.0828 2548 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
23:44:04.0828 2548 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
23:44:04.0828 2548 C:\WINDOWS\system32\msi.dll - ok
23:44:04.0843 2548 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
23:44:04.0843 2548 C:\WINDOWS\system32\tcpmon.dll - ok
23:44:04.0843 2548 [ 1633409E67F1BD6E5AC8ECB9CD5D2027 ] C:\WINDOWS\system32\nvsvc32.exe
23:44:04.0843 2548 C:\WINDOWS\system32\nvsvc32.exe - ok
23:44:04.0843 2548 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
23:44:04.0843 2548 C:\WINDOWS\system32\powrprof.dll - ok
23:44:04.0859 2548 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
23:44:04.0859 2548 C:\WINDOWS\system32\usbmon.dll - ok
23:44:04.0859 2548 [ A4DF135D9CBE77CD3F6E272558C2B907 ] C:\WINDOWS\system32\nvcpl.dll
23:44:04.0859 2548 C:\WINDOWS\system32\nvcpl.dll - ok
23:44:04.0859 2548 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
23:44:04.0859 2548 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
23:44:04.0875 2548 [ 53B518B36FF81CB21334E43237B7B461 ] C:\Program Files\Arcadyan Wireless\pctwpasv.exe
23:44:04.0875 2548 C:\Program Files\Arcadyan Wireless\pctwpasv.exe - ok
23:44:04.0875 2548 [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
23:44:04.0875 2548 C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
23:44:04.0875 2548 [ 291778DFEBAA278B451D457B03C10AC1 ] C:\WINDOWS\system32\win32spl.dll
23:44:04.0875 2548 C:\WINDOWS\system32\win32spl.dll - ok
23:44:04.0875 2548 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
23:44:04.0875 2548 C:\WINDOWS\system32\netrap.dll - ok
23:44:04.0890 2548 [ 90FCB99048A4E6527B7F9AE28D896D50 ] C:\WINDOWS\system32\PCTIN50.dll
23:44:04.0890 2548 C:\WINDOWS\system32\PCTIN50.dll - ok
23:44:04.0890 2548 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
23:44:04.0890 2548 C:\WINDOWS\system32\cfgmgr32.dll - ok
23:44:04.0890 2548 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
23:44:04.0890 2548 C:\WINDOWS\system32\inetpp.dll - ok
23:44:04.0906 2548 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
23:44:04.0906 2548 C:\WINDOWS\system32\ipsecsvc.dll - ok
23:44:04.0906 2548 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
23:44:04.0906 2548 C:\WINDOWS\system32\oakley.dll - ok
23:44:04.0906 2548 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
23:44:04.0906 2548 C:\WINDOWS\system32\seclogon.dll - ok
23:44:04.0921 2548 [ 60C377BE6B3CC83F6A8584934B181D2E ] C:\WINDOWS\system32\snmp.exe
23:44:04.0921 2548 C:\WINDOWS\system32\snmp.exe - ok
23:44:04.0921 2548 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
23:44:04.0921 2548 C:\WINDOWS\system32\winipsec.dll - ok
23:44:04.0921 2548 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
23:44:04.0921 2548 C:\WINDOWS\system32\pstorsvc.dll - ok
23:44:04.0937 2548 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
23:44:04.0937 2548 C:\WINDOWS\system32\psbase.dll - ok
23:44:04.0937 2548 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
23:44:04.0937 2548 C:\WINDOWS\system32\sens.dll - ok
23:44:04.0937 2548 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
23:44:04.0937 2548 C:\WINDOWS\system32\snmpapi.dll - ok
23:44:04.0953 2548 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
23:44:04.0953 2548 C:\WINDOWS\system32\dssenh.dll - ok
23:44:04.0953 2548 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
23:44:04.0953 2548 C:\WINDOWS\system32\srsvc.dll - ok
23:44:04.0953 2548 [ 7AC9F99C9E12A5C0C35B0A9891543AEC ] C:\WINDOWS\system32\lmmib2.dll
23:44:04.0953 2548 C:\WINDOWS\system32\lmmib2.dll - ok
23:44:04.0968 2548 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
23:44:04.0968 2548 C:\WINDOWS\system32\cscui.dll - ok
23:44:04.0968 2548 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
23:44:04.0968 2548 C:\WINDOWS\system32\wiaservc.dll - ok
23:44:04.0968 2548 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
23:44:04.0968 2548 C:\WINDOWS\system32\tapisrv.dll - ok
23:44:04.0984 2548 [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll
23:44:04.0984 2548 C:\WINDOWS\system32\inetmib1.dll - ok
23:44:04.0984 2548 [ C744B07A16F5FBAAF2892716F4DBCB1B ] C:\WINDOWS\system32\hostmib.dll
23:44:04.0984 2548 C:\WINDOWS\system32\hostmib.dll - ok
23:44:04.0984 2548 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
23:44:04.0984 2548 C:\WINDOWS\system32\trkwks.dll - ok
23:44:05.0000 2548 [ 8024D3127CEF94313F1EF7BFF08E3CE8 ] C:\WINDOWS\system32\nvapi.dll
23:44:05.0000 2548 C:\WINDOWS\system32\nvapi.dll - ok
23:44:05.0000 2548 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
23:44:05.0000 2548 C:\WINDOWS\system32\mscms.dll - ok
23:44:05.0000 2548 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
23:44:05.0000 2548 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
23:44:05.0015 2548 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
23:44:05.0015 2548 C:\WINDOWS\system32\dpcdll.dll - ok
23:44:05.0015 2548 [ 744AE70A13159554BE527CB3409AD604 ] C:\WINDOWS\system32\nvdisps.dll
23:44:05.0015 2548 C:\WINDOWS\system32\nvdisps.dll - ok
23:44:05.0015 2548 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
23:44:05.0015 2548 C:\WINDOWS\system32\vssapi.dll - ok
23:44:05.0031 2548 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
23:44:05.0031 2548 C:\WINDOWS\system32\wdmaud.drv - ok
23:44:05.0031 2548 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
23:44:05.0031 2548 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
23:44:05.0031 2548 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
23:44:05.0031 2548 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
23:44:05.0046 2548 [ E97D6A8684466DF94FF3BC24FB787A07 ] C:\WINDOWS\system32\fxssvc.exe
23:44:05.0046 2548 C:\WINDOWS\system32\fxssvc.exe - ok
23:44:05.0046 2548 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
23:44:05.0046 2548 C:\WINDOWS\system32\browser.dll - ok
23:44:05.0046 2548 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
23:44:05.0046 2548 C:\WINDOWS\system32\credui.dll - ok
23:44:05.0062 2548 [ 1144EF6B4BB72E33B41912AE1AE4F97A ] C:\WINDOWS\system32\fxstiff.dll
23:44:05.0062 2548 C:\WINDOWS\system32\fxstiff.dll - ok
23:44:05.0062 2548 [ 0329D0A4F230094B669A87BB3B85606E ] C:\WINDOWS\system32\fxsapi.dll
23:44:05.0062 2548 C:\WINDOWS\system32\fxsapi.dll - ok
23:44:05.0062 2548 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
23:44:05.0062 2548 C:\WINDOWS\system32\comsvcs.dll - ok
23:44:05.0078 2548 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
23:44:05.0078 2548 C:\WINDOWS\system32\colbact.dll - ok
23:44:05.0078 2548 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
23:44:05.0078 2548 C:\WINDOWS\system32\mtxclu.dll - ok
23:44:05.0078 2548 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
23:44:05.0078 2548 C:\WINDOWS\system32\drivers\splitter.sys - ok
23:44:05.0093 2548 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
23:44:05.0093 2548 C:\WINDOWS\system32\clusapi.dll - ok
23:44:05.0093 2548 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
23:44:05.0093 2548 C:\WINDOWS\system32\drivers\aec.sys - ok
23:44:05.0093 2548 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
23:44:05.0093 2548 C:\WINDOWS\system32\resutils.dll - ok
23:44:05.0109 2548 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
23:44:05.0109 2548 C:\WINDOWS\system32\drivers\swmidi.sys - ok
23:44:05.0109 2548 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
23:44:05.0109 2548 C:\WINDOWS\system32\drivers\dmusic.sys - ok
23:44:05.0109 2548 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
23:44:05.0109 2548 C:\WINDOWS\system32\shfolder.dll - ok
23:44:05.0125 2548 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
23:44:05.0125 2548 C:\WINDOWS\system32\drivers\kmixer.sys - ok
23:44:05.0125 2548 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
23:44:05.0125 2548 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
23:44:05.0125 2548 [ 0CE5F8AE9C371A965D17E3F2ED134809 ] C:\WINDOWS\system32\fxst30.dll
23:44:05.0125 2548 C:\WINDOWS\system32\fxst30.dll - ok
23:44:05.0140 2548 [ 2D583E2844FDD592D1629EB6B10E5702 ] C:\WINDOWS\system32\fxsroute.dll
23:44:05.0140 2548 C:\WINDOWS\system32\fxsroute.dll - ok
23:44:05.0140 2548 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
23:44:05.0140 2548 C:\WINDOWS\system32\rundll32.exe - ok
23:44:05.0140 2548 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
23:44:05.0140 2548 C:\WINDOWS\system32\unimdm.tsp - ok
23:44:05.0156 2548 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
23:44:05.0156 2548 C:\WINDOWS\system32\uniplat.dll - ok
23:44:05.0156 2548 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
23:44:05.0156 2548 C:\WINDOWS\system32\msacm32.drv - ok
23:44:05.0156 2548 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
23:44:05.0156 2548 C:\WINDOWS\system32\midimap.dll - ok
23:44:05.0171 2548 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
23:44:05.0171 2548 C:\WINDOWS\system32\unimdmat.dll - ok
23:44:05.0171 2548 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
23:44:05.0171 2548 C:\WINDOWS\system32\modemui.dll - ok
23:44:05.0171 2548 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
23:44:05.0171 2548 C:\WINDOWS\system32\kmddsp.tsp - ok
23:44:05.0187 2548 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
23:44:05.0187 2548 C:\WINDOWS\system32\ndptsp.tsp - ok
23:44:05.0187 2548 [ 14390243E43F290A61B0B1FB3602DC4F ] C:\WINDOWS\system32\evntagnt.dll
23:44:05.0187 2548 C:\WINDOWS\system32\evntagnt.dll - ok
23:44:05.0187 2548 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
23:44:05.0187 2548 C:\WINDOWS\system32\ipconf.tsp - ok
23:44:05.0203 2548 [ 6A473B625E465946F73FB2C24412656C ] C:\WINDOWS\system32\snmpmib.dll
23:44:05.0203 2548 C:\WINDOWS\system32\snmpmib.dll - ok
23:44:05.0203 2548 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
23:44:05.0203 2548 C:\WINDOWS\system32\h323.tsp - ok
23:44:05.0203 2548 [ 480A97A55E986FA4733282D67737FAF8 ] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
23:44:05.0203 2548 C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe - ok
23:44:05.0218 2548 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
23:44:05.0218 2548 C:\WINDOWS\system32\hidphone.tsp - ok
23:44:05.0218 2548 [ 384DA6A9C70889F01B99888C5E07072C ] C:\WINDOWS\system32\igmpagnt.dll
23:44:05.0218 2548 C:\WINDOWS\system32\igmpagnt.dll - ok
23:44:05.0218 2548 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
23:44:05.0218 2548 C:\WINDOWS\system32\userinit.exe - ok
23:44:05.0234 2548 [ 93F02F396720478C656D65ECFB65A497 ] C:\WINDOWS\system32\mcastmib.dll
23:44:05.0234 2548 C:\WINDOWS\system32\mcastmib.dll - ok
23:44:05.0234 2548 [ D022E59E6F132660B2D7E66D41FFB341 ] C:\WINDOWS\system32\rtipxmib.dll
23:44:05.0234 2548 C:\WINDOWS\system32\rtipxmib.dll - ok
23:44:05.0234 2548 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
23:44:05.0234 2548 C:\WINDOWS\explorer.exe - ok
23:44:05.0250 2548 [ DEFEE5DEDD20C1E15532E88D5A4F7C96 ] C:\WINDOWS\system32\browseui.dll
23:44:05.0250 2548 C:\WINDOWS\system32\browseui.dll - ok
23:44:05.0250 2548 [ 5E283C987ED4BB42323A3C722EEBC081 ] C:\WINDOWS\system32\shdocvw.dll
23:44:05.0250 2548 C:\WINDOWS\system32\shdocvw.dll - ok
23:44:05.0250 2548 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
23:44:05.0250 2548 C:\WINDOWS\system32\actxprxy.dll - ok
23:44:05.0265 2548 [ 30DB64D316F502558DB2380F7343C9FD ] C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
23:44:05.0265 2548 C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL - ok
23:44:05.0265 2548 [ 207204AF80505AF51271FE164B56F662 ] C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll
23:44:05.0265 2548 C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll - ok
23:44:05.0265 2548 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll
23:44:05.0265 2548 C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll - ok
23:44:05.0281 2548 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
23:44:05.0281 2548 C:\WINDOWS\system32\termsrv.dll - ok
23:44:05.0281 2548 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
23:44:05.0281 2548 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
23:44:05.0281 2548 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
23:44:05.0281 2548 C:\WINDOWS\system32\icaapi.dll - ok
23:44:05.0296 2548 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
23:44:05.0296 2548 C:\WINDOWS\system32\desk.cpl - ok
23:44:05.0296 2548 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
23:44:05.0296 2548 C:\WINDOWS\system32\mstlsapi.dll - ok
23:44:05.0296 2548 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
23:44:05.0296 2548 C:\WINDOWS\system32\themeui.dll - ok
23:44:05.0312 2548 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
23:44:05.0312 2548 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
23:44:05.0312 2548 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
23:44:05.0312 2548 C:\WINDOWS\system32\msxml3.dll - ok
23:44:05.0312 2548 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
23:44:05.0312 2548 C:\WINDOWS\system32\cmd.exe - ok
23:44:05.0328 2548 [ CE5BC065C74C0A49486664CF71E0CA0A ] C:\WINDOWS\system32\ieframe.dll
23:44:05.0328 2548 C:\WINDOWS\system32\ieframe.dll - ok
23:44:05.0328 2548 [ 480A97A55E986FA4733282D67737FAF8 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe
23:44:05.0328 2548 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe - ok
23:44:05.0328 2548 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
23:44:05.0328 2548 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
23:44:05.0343 2548 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\FB0EFC92-7212-42C4-A250-28A2D7E03F4E.exe
23:44:05.0343 2548 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\FB0EFC92-7212-42C4-A250-28A2D7E03F4E.exe - ok
23:44:05.0343 2548 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
23:44:05.0343 2548 C:\WINDOWS\system32\msutb.dll - ok
23:44:05.0343 2548 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
23:44:05.0343 2548 C:\WINDOWS\system32\msctf.dll - ok
23:44:05.0359 2548 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
23:44:05.0359 2548 C:\WINDOWS\system32\winhttp.dll - ok
23:44:05.0359 2548 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
23:44:05.0359 2548 C:\WINDOWS\system32\linkinfo.dll - ok
23:44:05.0359 2548 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
23:44:05.0359 2548 C:\WINDOWS\system32\ntshrui.dll - ok
23:44:05.0375 2548 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
23:44:05.0375 2548 C:\WINDOWS\system32\verclsid.exe - ok
23:44:05.0375 2548 [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
23:44:05.0375 2548 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
23:44:05.0375 2548 [ 9583183A032C85706B81B92A25C5B331 ] C:\WINDOWS\RTHDCPL.exe
23:44:05.0375 2548 C:\WINDOWS\RTHDCPL.exe - ok
23:44:05.0390 2548 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
23:44:05.0390 2548 C:\WINDOWS\system32\hhctrl.ocx - ok
23:44:05.0390 2548 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
23:44:05.0390 2548 C:\WINDOWS\system32\netshell.dll - ok
23:44:05.0390 2548 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
23:44:05.0390 2548 C:\WINDOWS\system32\dsound.dll - ok
23:44:05.0406 2548 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
23:44:05.0406 2548 C:\WINDOWS\system32\dot3dlg.dll - ok
23:44:05.0406 2548 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
23:44:05.0406 2548 C:\WINDOWS\system32\onex.dll - ok
23:44:05.0406 2548 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
23:44:05.0406 2548 C:\WINDOWS\system32\eappcfg.dll - ok
23:44:05.0421 2548 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
23:44:05.0421 2548 C:\WINDOWS\system32\eappprxy.dll - ok
23:44:05.0421 2548 [ 469690B9702F02AF087EA52B3B843202 ] C:\WINDOWS\SOUNDMAN.EXE
23:44:05.0421 2548 C:\WINDOWS\SOUNDMAN.EXE - ok
23:44:05.0421 2548 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
23:44:05.0421 2548 C:\WINDOWS\system32\webcheck.dll - ok
23:44:05.0437 2548 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
23:44:05.0437 2548 C:\WINDOWS\system32\stobject.dll - ok
23:44:05.0437 2548 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
23:44:05.0437 2548 C:\WINDOWS\system32\batmeter.dll - ok
23:44:05.0437 2548 [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
23:44:05.0437 2548 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
23:44:05.0453 2548 [ 439231898C6FDC13996AE3D733D00FBA ] C:\WINDOWS\system32\CTHELPER.EXE
23:44:05.0453 2548 C:\WINDOWS\system32\CTHELPER.EXE - ok
23:44:05.0453 2548 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
23:44:05.0453 2548 C:\WINDOWS\system32\sensapi.dll - ok
23:44:05.0453 2548 [ 897C26D149F4750FAF8666727DD5DD0A ] C:\WINDOWS\ALCWZRD.EXE
23:44:05.0453 2548 C:\WINDOWS\ALCWZRD.EXE - ok
23:44:05.0468 2548 [ 310F1E8A0781887BA1C217448C0E4D48 ] C:\WINDOWS\SMINST\Recguard.exe
23:44:05.0468 2548 C:\WINDOWS\SMINST\Recguard.exe - ok
23:44:05.0468 2548 [ 25CF0DAE6043D8167B813ED7CDE5C76E ] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe
23:44:05.0468 2548 C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe - ok
23:44:05.0468 2548 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
23:44:05.0468 2548 C:\WINDOWS\system32\mydocs.dll - ok
23:44:05.0484 2548 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
23:44:05.0484 2548 C:\WINDOWS\system32\oledlg.dll - ok
23:44:05.0484 2548 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
23:44:05.0484 2548 C:\WINDOWS\system32\olepro32.dll - ok
23:44:05.0484 2548 [ E8B5BE3B1298E6C55F984105176A5DDB ] C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
23:44:05.0484 2548 C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll - ok
23:44:05.0500 2548 [ 9819C4F68686E9FE1D62DD0D4767DDD5 ] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
23:44:05.0500 2548 C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe - ok
23:44:05.0500 2548 [ 79D4D68D6BDD2A704B088CE06B88DD1F ] C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll
23:44:05.0500 2548 C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll - ok
23:44:05.0500 2548 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
23:44:05.0500 2548 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
23:44:05.0515 2548 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
23:44:05.0515 2548 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
23:44:05.0515 2548 [ 75563FF603C40F0A5486750E0C486CC2 ] C:\Program Files\Nokia\Nokia PC Suite 7\PCSL.dll
23:44:05.0515 2548 C:\Program Files\Nokia\Nokia PC Suite 7\PCSL.dll - ok
23:44:05.0515 2548 [ 73DD6940DCCB252489CE5C4EF8CDA075 ] C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.NLR
23:44:05.0515 2548 C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.NLR - ok
23:44:05.0531 2548 [ F2699D792A0D3079E9B2EE7F6F7C62AF ] C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR
23:44:05.0531 2548 C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR - ok
23:44:05.0531 2548 [ 4A95F15B706B8FD9EC8715B6401EAB7B ] C:\hp\KBD\kbd.exe
23:44:05.0531 2548 C:\hp\KBD\kbd.exe - ok
23:44:05.0546 2548 [ A687C458B80C7D55CBE39649D952ED2A ] C:\WINDOWS\system32\PortableDeviceTypes.dll
23:44:05.0546 2548 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
23:44:05.0546 2548 [ 7139A13DD292272E12FFAF2499CA7BEB ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
23:44:05.0546 2548 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok
23:44:05.0546 2548 [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\PortableDeviceApi.dll
23:44:05.0546 2548 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
23:44:05.0562 2548 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
23:44:05.0562 2548 C:\WINDOWS\system32\mmcshext.dll - ok
23:44:05.0562 2548 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
23:44:05.0562 2548 C:\WINDOWS\system32\hhsetup.dll - ok
23:44:05.0562 2548 [ B4B4EB2F8849E93FE5FECE11E52C5930 ] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
23:44:05.0562 2548 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe - ok
23:44:05.0578 2548 [ 8BBBADA96FFE1449EDD39256EDA99CD8 ] C:\WINDOWS\system32\igfxtray.exe
23:44:05.0578 2548 C:\WINDOWS\system32\igfxtray.exe - ok
23:44:05.0578 2548 [ 06A1ECB63DF139EC639E084D4AB3C9D7 ] C:\WINDOWS\system\hpsysdrv.exe
23:44:05.0578 2548 C:\WINDOWS\system\hpsysdrv.exe - ok
23:44:05.0578 2548 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
23:44:05.0578 2548 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
23:44:05.0593 2548 [ E7BE65BF79906AEBC698E077D53F6A1C ] C:\WINDOWS\AGRSMMSG.exe
23:44:05.0593 2548 C:\WINDOWS\AGRSMMSG.exe - ok
23:44:05.0593 2548 [ 707C0C5D9BE7163182227470E9CD3C9A ] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
23:44:05.0593 2548 C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe - ok
23:44:05.0593 2548 [ 62CE6A1F613BD445459D592FDE4AFE14 ] C:\WINDOWS\system32\nwiz.exe
23:44:05.0593 2548 C:\WINDOWS\system32\nwiz.exe - ok
23:44:05.0609 2548 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
23:44:05.0609 2548 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
23:44:05.0609 2548 [ 9C9B6807425CEF840C117654D8B033D1 ] C:\Program Files\QuickTime\QTTask.exe
23:44:05.0609 2548 C:\Program Files\QuickTime\QTTask.exe - ok
23:44:05.0609 2548 [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe
23:44:05.0609 2548 C:\WINDOWS\system32\dumprep.exe - ok
23:44:05.0625 2548 [ F34E7705751BB413283434697BF8E55D ] C:\Program Files\DAEMON Tools Lite\DTLite.exe
23:44:05.0625 2548 C:\Program Files\DAEMON Tools Lite\DTLite.exe - ok
23:44:05.0625 2548 [ C7144387E236687F8FB3F26FC845A822 ] C:\Program Files\Pando Networks\Media Booster\PMB.exe
23:44:05.0625 2548 C:\Program Files\Pando Networks\Media Booster\PMB.exe - ok
23:44:05.0625 2548 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
23:44:05.0625 2548 C:\WINDOWS\system32\ctfmon.exe - ok
23:44:05.0640 2548 [ 5B120AC95451AF137981C1BC13978806 ] C:\WINDOWS\system32\hccutils.dll
23:44:05.0640 2548 C:\WINDOWS\system32\hccutils.dll - ok
23:44:05.0640 2548 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
23:44:05.0640 2548 C:\WINDOWS\system32\mfc42.dll - ok
23:44:05.0640 2548 [ 9385BD61B365DE7CF9AF3290B7D5A3B9 ] C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll
23:44:05.0640 2548 C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll - ok
23:44:06.0312 2548 ============================================================
23:44:06.0312 2548 Scan finished
23:44:06.0312 2548 ============================================================
23:44:06.0453 2212 Detected object count: 17
23:44:06.0453 2212 Actual detected object count: 17
23:44:32.0531 2212 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0531 2212 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0531 2212 ctac32k ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0531 2212 ctac32k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0531 2212 ctdvda2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0531 2212 ctdvda2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0546 2212 ctprxy2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0546 2212 ctprxy2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0546 2212 ctsfm2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0546 2212 ctsfm2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0546 2212 emupia ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0546 2212 emupia ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0546 2212 ha10kx2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0546 2212 ha10kx2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0546 2212 hap16v2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0546 2212 hap16v2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0546 2212 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0546 2212 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0546 2212 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0546 2212 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0562 2212 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0562 2212 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0562 2212 PCTWPASV ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0562 2212 PCTWPASV ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0562 2212 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0562 2212 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0562 2212 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0562 2212 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0562 2212 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:44:32.0562 2212 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:44:32.0562 2212 USBCM ( UnsignedFile.Multi.Generic ) - skipped by user
23:44:32.0562 2212 USBCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:44:32.0562 2212 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:44:32.0562 2212 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
23:45:04.0984 1808 ============================================================
23:45:04.0984 1808 Scan started
23:45:04.0984 1808 Mode: Manual; SigCheck; TDLFS;
23:45:04.0984 1808 ============================================================
23:45:05.0453 1808 ================ Scan system memory ========================
23:45:05.0453 1808 System memory - ok
23:45:05.0453 1808 ================ Scan services =============================
23:45:06.0281 1808 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
23:45:06.0312 1808 AegisP ( UnsignedFile.Multi.Generic ) - warning
23:45:06.0312 1808 AegisP - detected UnsignedFile.Multi.Generic (1)
23:45:10.0468 1808 [ A5E67327B49E1F4341D470D8BBCBC401 ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys
23:45:10.0500 1808 ctac32k ( UnsignedFile.Multi.Generic ) - warning
23:45:10.0500 1808 ctac32k - detected UnsignedFile.Multi.Generic (1)
23:45:10.0531 1808 [ 29F78D59B053CB8778F8426E4E24099C ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys
23:45:10.0546 1808 ctdvda2k ( UnsignedFile.Multi.Generic ) - warning
23:45:10.0546 1808 ctdvda2k - detected UnsignedFile.Multi.Generic (1)
23:45:10.0578 1808 [ C7FC5D87B06207A5D34697B627826618 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys
23:45:10.0593 1808 ctprxy2k ( UnsignedFile.Multi.Generic ) - warning
23:45:10.0593 1808 ctprxy2k - detected UnsignedFile.Multi.Generic (1)
23:45:10.0609 1808 [ 2C0AF71CF0E1224A2DFC2B67E63B02B1 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys
23:45:10.0625 1808 ctsfm2k ( UnsignedFile.Multi.Generic ) - warning
23:45:10.0625 1808 ctsfm2k - detected UnsignedFile.Multi.Generic (1)
23:45:12.0359 1808 [ 091D37E0F5193F708C9006B1F2E23EE4 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys
23:45:12.0375 1808 emupia ( UnsignedFile.Multi.Generic ) - warning
23:45:12.0375 1808 emupia - detected UnsignedFile.Multi.Generic (1)
23:45:14.0343 1808 [ 1AD88BCF3D043BAA58C15EB262625F9B ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys
23:45:14.0390 1808 ha10kx2k ( UnsignedFile.Multi.Generic ) - warning
23:45:14.0390 1808 ha10kx2k - detected UnsignedFile.Multi.Generic (1)
23:45:14.0421 1808 [ 8FF42F63C722A1DD4C91FF6A497FD6B2 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys
23:45:14.0421 1808 hap16v2k ( UnsignedFile.Multi.Generic ) - warning
23:45:14.0421 1808 hap16v2k - detected UnsignedFile.Multi.Generic (1)
23:45:14.0453 1808 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:45:14.0578 1808 HDAudBus - ok
23:45:14.0703 1808 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:45:14.0828 1808 helpsvc - ok
23:45:14.0859 1808 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
23:45:15.0000 1808 HidServ - ok
23:45:15.0031 1808 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:45:15.0156 1808 HidUsb - ok
23:45:15.0171 1808 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
23:45:15.0296 1808 hkmsvc - ok
23:45:15.0312 1808 hpn - ok
23:45:15.0359 1808 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
23:45:15.0390 1808 HTTP - ok
23:45:15.0421 1808 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
23:45:15.0546 1808 HTTPFilter - ok
23:45:15.0562 1808 i2omgmt - ok
23:45:15.0562 1808 i2omp - ok
23:45:15.0593 1808 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:45:15.0703 1808 i8042prt - ok
23:45:15.0781 1808 [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
23:45:15.0828 1808 ialm - ok
23:45:15.0890 1808 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:45:15.0906 1808 IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:45:15.0906 1808 IDriverT - detected UnsignedFile.Multi.Generic (1)
23:45:15.0984 1808 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:45:16.0031 1808 idsvc - ok
23:45:16.0031 1808 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
23:45:16.0156 1808 Imapi - ok
23:45:16.0203 1808 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
23:45:16.0328 1808 ImapiService - ok
23:45:16.0343 1808 ini910u - ok
23:45:16.0453 1808 [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:45:16.0562 1808 IntcAzAudAddService - ok
23:45:16.0593 1808 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
23:45:16.0703 1808 IntelIde - ok
23:45:16.0750 1808 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:45:16.0859 1808 intelppm - ok
23:45:16.0890 1808 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
23:45:17.0015 1808 Ip6Fw - ok
23:45:17.0046 1808 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:45:17.0171 1808 IpFilterDriver - ok
23:45:17.0203 1808 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:45:17.0312 1808 IpInIp - ok
23:45:17.0312 1808 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:45:17.0437 1808 IpNat - ok
23:45:17.0500 1808 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:45:17.0515 1808 iPod Service - ok
23:45:17.0562 1808 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:45:17.0687 1808 IPSec - ok
23:45:17.0703 1808 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
23:45:17.0828 1808 IRENUM - ok
23:45:17.0828 1808 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:45:17.0937 1808 isapnp - ok
23:45:17.0984 1808 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
23:45:17.0984 1808 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
23:45:17.0984 1808 Iviaspi - detected UnsignedFile.Multi.Generic (1)
23:45:18.0109 1808 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
23:45:18.0125 1808 JavaQuickStarterService - ok
23:45:18.0140 1808 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:45:18.0250 1808 Kbdclass - ok
23:45:18.0250 1808 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:45:18.0359 1808 kbdhid - ok
23:45:18.0390 1808 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
23:45:18.0515 1808 kmixer - ok
23:45:18.0546 1808 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
23:45:18.0562 1808 KSecDD - ok
23:45:18.0593 1808 [ DC61F15187372D164769C841655E58F3 ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
23:45:18.0609 1808 L8042Kbd - ok
23:45:18.0640 1808 [ CB6E007D3A67CB80EE9DF2AFD4B0FC9D ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
23:45:18.0640 1808 L8042mou - ok
23:45:18.0687 1808 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
23:45:18.0718 1808 lanmanserver - ok
23:45:18.0765 1808 [ A8888A5327621856C0CEC4E385F69309 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:45:18.0796 1808 LanmanWorkstation - ok
23:45:18.0843 1808 [ BE2DC24D403643A2D1D98F33C7087B38 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
23:45:18.0859 1808 LBeepKE - ok
23:45:18.0859 1808 lbrtfdc - ok
23:45:18.0968 1808 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
23:45:18.0984 1808 LBTServ - ok
23:45:19.0031 1808 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
23:45:19.0046 1808 LHidFilt - ok
23:45:19.0093 1808 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
23:45:19.0218 1808 LmHosts - ok
23:45:19.0234 1808 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
23:45:19.0234 1808 LMouFilt - ok
23:45:19.0281 1808 [ 58597A99792461E89BB5C44E17508D70 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
23:45:19.0281 1808 LMouKE - ok
23:45:19.0312 1808 [ 0DEC219CB6EFCBC872F88F9AEC320EA6 ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
23:45:19.0328 1808 LUsbFilt - ok
23:45:19.0359 1808 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
23:45:19.0375 1808 MBAMProtector - ok
23:45:19.0484 1808 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:45:19.0500 1808 MBAMScheduler - ok
23:45:19.0562 1808 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
23:45:19.0562 1808 MBAMSwissArmy - ok
23:45:19.0593 1808 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:45:19.0703 1808 Messenger - ok
23:45:19.0843 1808 Micorsoft Windows Service - ok
23:45:19.0921 1808 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:45:19.0937 1808 Microsoft Office Groove Audit Service - ok
23:45:19.0968 1808 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:45:20.0093 1808 mnmdd - ok
23:45:20.0140 1808 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:45:20.0250 1808 mnmsrvc - ok
23:45:20.0296 1808 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:45:20.0421 1808 Modem - ok
23:45:20.0453 1808 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:45:20.0578 1808 Mouclass - ok
23:45:20.0625 1808 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:45:20.0765 1808 mouhid - ok
23:45:20.0796 1808 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:45:20.0937 1808 MountMgr - ok
23:45:20.0968 1808 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:45:20.0984 1808 MozillaMaintenance - ok
23:45:21.0000 1808 mraid35x - ok
23:45:21.0015 1808 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:45:21.0156 1808 MRxDAV - ok
23:45:21.0203 1808 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:45:21.0234 1808 MRxSmb - ok
23:45:21.0265 1808 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:45:21.0406 1808 MSDTC - ok
23:45:21.0406 1808 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:45:21.0531 1808 Msfs - ok
23:45:21.0546 1808 MSIServer - ok
23:45:21.0562 1808 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:45:21.0656 1808 MSKSSRV - ok
23:45:21.0687 1808 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:45:21.0796 1808 MSPCLOCK - ok
23:45:21.0812 1808 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:45:21.0921 1808 MSPQM - ok
23:45:21.0953 1808 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:45:22.0078 1808 mssmbios - ok
23:45:22.0093 1808 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:45:22.0203 1808 MSTEE - ok
23:45:22.0250 1808 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:45:22.0296 1808 Mup - ok
23:45:22.0328 1808 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:45:22.0453 1808 NABTSFEC - ok
23:45:22.0500 1808 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
23:45:22.0640 1808 napagent - ok
23:45:22.0656 1808 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:45:22.0765 1808 NDIS - ok
23:45:22.0796 1808 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:45:22.0906 1808 NdisIP - ok
23:45:22.0937 1808 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:45:22.0953 1808 NdisTapi - ok
23:45:22.0968 1808 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:45:23.0078 1808 Ndisuio - ok
23:45:23.0093 1808 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:45:23.0234 1808 NdisWan - ok
23:45:23.0265 1808 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:45:23.0281 1808 NDProxy - ok
23:45:23.0296 1808 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:45:23.0406 1808 NetBIOS - ok
23:45:23.0437 1808 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:45:23.0562 1808 NetBT - ok
23:45:23.0593 1808 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
23:45:23.0718 1808 NetDDE - ok
23:45:23.0718 1808 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:45:23.0828 1808 NetDDEdsdm - ok
23:45:23.0875 1808 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:45:23.0984 1808 Netlogon - ok
23:45:24.0000 1808 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
23:45:24.0140 1808 Netman - ok
23:45:24.0171 1808 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:45:24.0187 1808 NetTcpPortSharing - ok
23:45:24.0218 1808 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:45:24.0328 1808 NIC1394 - ok
23:45:24.0359 1808 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
23:45:24.0406 1808 Nla - ok
23:45:24.0437 1808 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
23:45:24.0546 1808 nm - ok
23:45:24.0562 1808 [ B4E87D4F40C57D036E821BD06DB1D1B7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
23:45:24.0609 1808 nmwcd - ok
23:45:24.0640 1808 [ BEE0ADDF01D62725DDC2CC113D6B374C ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
23:45:24.0687 1808 nmwcdc - ok
23:45:24.0718 1808 [ 6623E51595C0076755C29C00846C4EB2 ] NPF C:\WINDOWS\system32\drivers\npf.sys
23:45:24.0734 1808 NPF - ok
23:45:24.0765 1808 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:45:24.0890 1808 Npfs - ok
23:45:24.0937 1808 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:45:25.0078 1808 Ntfs - ok
23:45:25.0109 1808 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
23:45:25.0218 1808 NtLmSsp - ok
23:45:25.0265 1808 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:45:25.0421 1808 NtmsSvc - ok
23:45:25.0453 1808 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
23:45:25.0468 1808 NuidFltr - ok
23:45:25.0484 1808 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
23:45:25.0609 1808 Null - ok
23:45:25.0859 1808 [ 9E143FB3EF13B7EC1C1DD06529DEBADD ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:45:26.0046 1808 nv - ok
23:45:26.0078 1808 [ 1633409E67F1BD6E5AC8ECB9CD5D2027 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
23:45:26.0125 1808 NVSvc - ok
23:45:26.0156 1808 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:45:26.0265 1808 NwlnkFlt - ok
23:45:26.0281 1808 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:45:26.0406 1808 NwlnkFwd - ok
23:45:26.0531 1808 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:45:26.0562 1808 odserv - ok
23:45:26.0593 1808 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:45:26.0703 1808 ohci1394 - ok
23:45:26.0734 1808 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:45:26.0750 1808 ose - ok
23:45:26.0781 1808 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
23:45:26.0890 1808 Parport - ok
23:45:26.0906 1808 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:45:27.0046 1808 PartMgr - ok
23:45:27.0062 1808 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:45:27.0187 1808 ParVdm - ok
23:45:27.0218 1808 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
23:45:27.0234 1808 pccsmcfd - ok
23:45:27.0250 1808 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:45:27.0359 1808 PCI - ok
23:45:27.0375 1808 PCIDump - ok
23:45:27.0390 1808 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
23:45:27.0546 1808 PCIIde - ok
23:45:27.0562 1808 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:45:27.0687 1808 Pcmcia - ok
23:45:27.0718 1808 [ A05145D98D8F74D8CA7E251C1E1B274D ] PCTINDIS5 C:\WINDOWS\System32\PCTINDIS5.SYS
23:45:27.0734 1808 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - warning
23:45:27.0734 1808 PCTINDIS5 - detected UnsignedFile.Multi.Generic (1)
23:45:27.0765 1808 [ 53B518B36FF81CB21334E43237B7B461 ] PCTWPASV C:\Program Files\Arcadyan Wireless\pctwpasv.exe
23:45:27.0796 1808 PCTWPASV ( UnsignedFile.Multi.Generic ) - warning
23:45:27.0796 1808 PCTWPASV - detected UnsignedFile.Multi.Generic (1)
23:45:27.0796 1808 PDCOMP - ok
23:45:27.0812 1808 PDFRAME - ok
23:45:27.0812 1808 PDRELI - ok
23:45:27.0812 1808 PDRFRAME - ok
23:45:27.0828 1808 perc2 - ok
23:45:27.0828 1808 perc2hib - ok
23:45:27.0890 1808 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
23:45:27.0890 1808 Pfc ( UnsignedFile.Multi.Generic ) - warning
23:45:27.0890 1808 Pfc - detected UnsignedFile.Multi.Generic (1)
23:45:27.0937 1808 [ 2F81E367875C5D7D6F05454BA84D27A9 ] PID_0920 C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
23:45:27.0968 1808 PID_0920 - ok
23:45:28.0000 1808 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
23:45:28.0031 1808 PlugPlay - ok
23:45:28.0031 1808 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:45:28.0140 1808 PolicyAgent - ok
23:45:28.0187 1808 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:45:28.0312 1808 PptpMiniport - ok
23:45:28.0359 1808 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00 C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
23:45:28.0406 1808 PRISM_A00 - ok
23:45:28.0437 1808 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
23:45:28.0562 1808 Processor - ok
23:45:28.0578 1808 PROCEXP151 - ok
23:45:28.0578 1808 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:45:28.0687 1808 ProtectedStorage - ok
23:45:28.0718 1808 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
23:45:28.0718 1808 Ps2 - ok
23:45:28.0734 1808 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
23:45:28.0843 1808 PSched - ok
23:45:28.0875 1808 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:45:28.0984 1808 Ptilink - ok
23:45:29.0015 1808 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:45:29.0031 1808 PxHelp20 - ok
23:45:29.0031 1808 ql1080 - ok
23:45:29.0046 1808 Ql10wnt - ok
23:45:29.0046 1808 ql12160 - ok
23:45:29.0062 1808 ql1240 - ok
23:45:29.0062 1808 ql1280 - ok
23:45:29.0078 1808 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:45:29.0203 1808 RasAcd - ok
23:45:29.0234 1808 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:45:29.0343 1808 RasAuto - ok
23:45:29.0375 1808 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:45:29.0500 1808 Rasl2tp - ok
23:45:29.0546 1808 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:45:29.0671 1808 RasMan - ok
23:45:29.0671 1808 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:45:29.0781 1808 RasPppoe - ok
23:45:29.0796 1808 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:45:29.0906 1808 Raspti - ok
23:45:29.0937 1808 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:45:30.0062 1808 Rdbss - ok
23:45:30.0093 1808 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:45:30.0234 1808 RDPCDD - ok
23:45:30.0281 1808 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:45:30.0328 1808 RDPWD - ok
23:45:30.0359 1808 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:45:30.0468 1808 RDSessMgr - ok
23:45:30.0515 1808 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:45:30.0640 1808 redbook - ok
23:45:30.0671 1808 RegKernelHelp - ok
23:45:30.0687 1808 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:45:30.0812 1808 RemoteAccess - ok
23:45:30.0828 1808 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
23:45:30.0843 1808 RimUsb - ok
23:45:30.0875 1808 [ E51A8D02B4BD33EBA1F7A5B76C3766ED ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
23:45:30.0890 1808 rpcapd - ok
23:45:30.0921 1808 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
23:45:31.0031 1808 RpcLocator - ok
23:45:31.0062 1808 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
23:45:31.0078 1808 RpcSs - ok
23:45:31.0156 1808 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
23:45:31.0281 1808 RSVP - ok
23:45:31.0359 1808 [ E2E588D92C8E151CD3515EE09FEC90E2 ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
23:45:31.0406 1808 rt2870 - ok
23:45:31.0453 1808 [ 67C9511A760149797E806FFD9F14AD37 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
23:45:31.0500 1808 RTL8023xp - ok
23:45:31.0546 1808 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
23:45:31.0562 1808 rtl8139 - ok
23:45:31.0593 1808 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
23:45:31.0703 1808 SamSs - ok
23:45:31.0718 1808 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:45:31.0859 1808 SCardSvr - ok
23:45:31.0906 1808 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:45:32.0015 1808 Schedule - ok
23:45:32.0062 1808 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:45:32.0171 1808 Secdrv - ok
23:45:32.0187 1808 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:45:32.0312 1808 seclogon - ok
23:45:32.0343 1808 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
23:45:32.0468 1808 SENS - ok
23:45:32.0500 1808 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:45:32.0609 1808 serenum - ok
23:45:32.0640 1808 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:45:32.0750 1808 Serial - ok
23:45:32.0875 1808 [ 277D0890E10584C216BCCFA4EF6B9B3D ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23:45:32.0906 1808 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
23:45:32.0906 1808 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
23:45:32.0953 1808 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:45:33.0062 1808 Sfloppy - ok
23:45:33.0093 1808 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:45:33.0109 1808 ShellHWDetection - ok
23:45:33.0109 1808 Simbad - ok
23:45:33.0156 1808 [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys
23:45:33.0171 1808 SiS315 - ok
23:45:33.0203 1808 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
23:45:33.0234 1808 SISAGP - ok
23:45:33.0250 1808 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys
23:45:33.0265 1808 SiSkp - ok
23:45:33.0296 1808 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:45:33.0406 1808 SLIP - ok
23:45:33.0453 1808 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
23:45:33.0562 1808 SNMP - ok
23:45:33.0578 1808 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
23:45:33.0687 1808 SNMPTRAP - ok
23:45:33.0703 1808 Sparrow - ok
23:45:33.0703 1808 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:45:33.0812 1808 splitter - ok
23:45:33.0859 1808 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:45:33.0875 1808 Spooler - ok
23:45:33.0953 1808 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
23:45:33.0953 1808 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
23:45:33.0953 1808 sptd ( LockedFile.Multi.Generic ) - warning
23:45:33.0953 1808 sptd - detected LockedFile.Multi.Generic (1)
23:45:33.0968 1808 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:45:34.0078 1808 sr - ok
23:45:34.0140 1808 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
23:45:34.0250 1808 srservice - ok
23:45:34.0296 1808 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:45:34.0328 1808 Srv - ok
23:45:34.0375 1808 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:45:34.0484 1808 SSDPSRV - ok
23:45:34.0531 1808 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:45:34.0656 1808 stisvc - ok
23:45:34.0671 1808 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:45:34.0781 1808 streamip - ok
23:45:34.0812 1808 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:45:34.0921 1808 swenum - ok
23:45:34.0937 1808 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:45:35.0046 1808 swmidi - ok
23:45:35.0062 1808 SwPrv - ok
23:45:35.0062 1808 symc810 - ok
23:45:35.0078 1808 symc8xx - ok
23:45:35.0109 1808 SYMIDSCO - ok
23:45:35.0109 1808 sym_hi - ok
23:45:35.0109 1808 sym_u3 - ok
23:45:35.0156 1808 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:45:35.0250 1808 sysaudio - ok
23:45:35.0296 1808 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:45:35.0406 1808 SysmonLog - ok
23:45:35.0437 1808 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:45:35.0546 1808 TapiSrv - ok
23:45:35.0609 1808 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:45:35.0625 1808 Tcpip - ok
23:45:35.0656 1808 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:45:35.0765 1808 TDPIPE - ok
23:45:35.0781 1808 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:45:35.0906 1808 TDTCP - ok
23:45:35.0937 1808 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:45:36.0031 1808 TermDD - ok
23:45:36.0062 1808 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:45:36.0171 1808 TermService - ok
23:45:36.0187 1808 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:45:36.0203 1808 Themes - ok
23:45:36.0218 1808 TosIde - ok
23:45:36.0234 1808 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:45:36.0343 1808 TrkWks - ok
23:45:36.0375 1808 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:45:36.0484 1808 Udfs - ok
23:45:36.0500 1808 ultra - ok
23:45:36.0531 1808 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:45:36.0640 1808 Update - ok
23:45:36.0671 1808 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:45:36.0781 1808 upnphost - ok
23:45:36.0796 1808 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
23:45:36.0843 1808 upperdev - ok
23:45:36.0859 1808 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:45:36.0968 1808 UPS - ok
23:45:37.0015 1808 [ C1CA131F4E3ED63D6BC89A35FFAD4CDA ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
23:45:37.0031 1808 USBAAPL - ok
23:45:37.0062 1808 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
23:45:37.0171 1808 usbaudio - ok
23:45:37.0203 1808 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:45:37.0312 1808 usbccgp - ok
23:45:37.0343 1808 [ D21CDE1C635BCC5053463579EEE453CF ] USBCM C:\WINDOWS\system32\DRIVERS\Sacm1K.sys
23:45:37.0343 1808 USBCM ( UnsignedFile.Multi.Generic ) - warning
23:45:37.0343 1808 USBCM - detected UnsignedFile.Multi.Generic (1)
23:45:37.0390 1808 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:45:37.0500 1808 usbehci - ok
23:45:37.0531 1808 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:45:37.0640 1808 usbhub - ok
23:45:37.0656 1808 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:45:37.0765 1808 usbohci - ok
23:45:37.0781 1808 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
23:45:37.0890 1808 usbser - ok
23:45:37.0906 1808 [ EB2D3830646E393776E1EF98AC76A43D ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
23:45:37.0953 1808 UsbserFilt - ok
23:45:37.0984 1808 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:45:38.0093 1808 USBSTOR - ok
23:45:38.0109 1808 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:45:38.0218 1808 usbuhci - ok
23:45:38.0218 1808 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:45:38.0328 1808 VgaSave - ok
23:45:38.0343 1808 viaagp1 - ok
23:45:38.0359 1808 [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
23:45:38.0375 1808 viagfx - ok
23:45:38.0390 1808 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
23:45:38.0500 1808 ViaIde - ok
23:45:38.0531 1808 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:45:38.0640 1808 VolSnap - ok
23:45:38.0703 1808 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:45:38.0812 1808 VSS - ok
23:45:38.0843 1808 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
23:45:38.0953 1808 W32Time - ok
23:45:38.0968 1808 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:45:39.0078 1808 Wanarp - ok
23:45:39.0156 1808 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:45:39.0171 1808 Wdf01000 - ok
23:45:39.0187 1808 WDICA - ok
23:45:39.0218 1808 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:45:39.0328 1808 wdmaud - ok
23:45:39.0359 1808 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:45:39.0468 1808 WebClient - ok
23:45:39.0546 1808 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:45:39.0656 1808 winmgmt - ok
23:45:39.0703 1808 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:45:39.0718 1808 WmdmPmSN - ok
23:45:39.0765 1808 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
23:45:39.0859 1808 WmiApSrv - ok
23:45:39.0968 1808 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:45:40.0000 1808 WMPNetworkSvc - ok
23:45:40.0125 1808 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:45:40.0156 1808 WPFFontCache_v0400 - ok
23:45:40.0187 1808 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:45:40.0296 1808 WSTCODEC - ok
23:45:40.0343 1808 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:45:40.0359 1808 WudfPf - ok
23:45:40.0390 1808 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:45:40.0406 1808 WudfRd - ok
23:45:40.0421 1808 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
23:45:40.0453 1808 WudfSvc - ok
23:45:40.0515 1808 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:45:40.0734 1808 WZCSVC - ok
23:45:40.0765 1808 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:45:40.0953 1808 xmlprov - ok
23:45:41.0015 1808 ================ Scan global ===============================
23:45:41.0046 1808 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:45:41.0093 1808 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:45:41.0125 1808 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:45:41.0140 1808 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:45:41.0140 1808 [Global] - ok
23:45:41.0140 1808 ================ Scan MBR ==================================
23:45:41.0171 1808 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:45:41.0359 1808 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:45:41.0359 1808 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:45:41.0359 1808 ================ Scan VBR ==================================
23:45:41.0359 1808 [ 26805FF309E9E2B363680EA1812DD695 ] \Device\Harddisk0\DR0\Partition1
23:45:41.0375 1808 \Device\Harddisk0\DR0\Partition1 - ok
23:45:41.0375 1808 [ 51BF0B28FBEEDDA7E13FD57DBFCA86D2 ] \Device\Harddisk0\DR0\Partition2
23:45:41.0375 1808 \Device\Harddisk0\DR0\Partition2 - ok
23:45:41.0375 1808 ================ Scan active images ========================
23:45:43.0078 1808 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll - ok
23:45:43.0078 1808 [ C4300CB4D20B1159DC77E01E8A2525EC ] C:\WINDOWS\system32\wininet.dll
23:45:43.0078 1808 C:\WINDOWS\system32\wininet.dll - ok
23:45:43.0093 1808 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
23:45:43.0093 1808 C:\WINDOWS\system32\duser.dll - ok
23:45:43.0093 1808 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
23:45:43.0093 1808 C:\WINDOWS\system32\msimg32.dll - ok
23:45:43.0109 1808 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
23:45:43.0109 1808 C:\WINDOWS\system32\wlnotify.dll - ok
23:45:43.0125 1808 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
23:45:43.0125 1808 C:\WINDOWS\system32\oleacc.dll - ok
23:45:43.0125 1808 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
23:45:43.0125 1808 C:\WINDOWS\system32\winspool.drv - ok
23:45:43.0125 1808 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
23:45:43.0125 1808 C:\WINDOWS\system32\normaliz.dll - ok
23:45:43.0140 1808 [ C9335D5B07E6A930BD561D35C431A0AF ] C:\WINDOWS\system32\urlmon.dll
23:45:43.0140 1808 C:\WINDOWS\system32\urlmon.dll - ok
23:45:43.0140 1808 [ 46485AE6433AF77F237C792D3DA11F48 ] C:\WINDOWS\system32\iertutil.dll
23:45:43.0140 1808 C:\WINDOWS\system32\iertutil.dll - ok
23:45:43.0156 1808 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
23:45:43.0156 1808 C:\WINDOWS\system32\shgina.dll - ok
23:45:43.0156 1808 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
23:45:43.0156 1808 C:\WINDOWS\system32\mprapi.dll - ok
23:45:43.0171 1808 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
23:45:43.0171 1808 C:\WINDOWS\system32\activeds.dll - ok
23:45:43.0171 1808 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
23:45:43.0171 1808 C:\WINDOWS\system32\adsldpc.dll - ok
23:45:43.0187 1808 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
23:45:43.0187 1808 C:\WINDOWS\system32\rasapi32.dll - ok
23:45:43.0187 1808 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
23:45:43.0187 1808 C:\WINDOWS\system32\rasman.dll - ok
23:45:43.0187 1808 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
23:45:43.0187 1808 C:\WINDOWS\system32\tapi32.dll - ok
23:45:43.0203 1808 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
23:45:43.0203 1808 C:\WINDOWS\system32\riched20.dll - ok
23:45:43.0203 1808 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
23:45:43.0203 1808 C:\WINDOWS\system32\raschap.dll - ok
23:45:43.0218 1808 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
23:45:43.0218 1808 C:\WINDOWS\system32\schedsvc.dll - ok
23:45:43.0218 1808 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
23:45:43.0218 1808 C:\WINDOWS\system32\msidle.dll - ok
23:45:43.0234 1808 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
23:45:43.0234 1808 C:\WINDOWS\system32\spoolsv.exe - ok
23:45:43.0234 1808 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
23:45:43.0234 1808 C:\WINDOWS\system32\audiosrv.dll - ok
23:45:43.0250 1808 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
23:45:43.0250 1808 C:\WINDOWS\system32\wkssvc.dll - ok
23:45:43.0250 1808 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
23:45:43.0250 1808 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
23:45:43.0265 1808 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
23:45:43.0265 1808 C:\WINDOWS\system32\webclnt.dll - ok
23:45:43.0265 1808 [ A8AA9D47F971570A5162B862B80F87E8 ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
23:45:43.0265 1808 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - ok
23:45:43.0281 1808 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
23:45:43.0281 1808 C:\WINDOWS\system32\wsock32.dll - ok
23:45:43.0281 1808 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] C:\Program Files\Bonjour\mDNSResponder.exe
23:45:43.0281 1808 C:\Program Files\Bonjour\mDNSResponder.exe - ok
23:45:43.0296 1808 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:45:43.0296 1808 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
23:45:43.0296 1808 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
23:45:43.0296 1808 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
23:45:43.0312 1808 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\system32\mscoree.dll
23:45:43.0312 1808 C:\WINDOWS\system32\mscoree.dll - ok
23:45:43.0312 1808 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
23:45:43.0312 1808 C:\WINDOWS\system32\cryptsvc.dll - ok
23:45:43.0328 1808 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
23:45:43.0328 1808 C:\WINDOWS\system32\certcli.dll - ok
23:45:43.0328 1808 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
23:45:43.0328 1808 C:\WINDOWS\system32\ersvc.dll - ok
23:45:43.0343 1808 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
23:45:43.0343 1808 C:\WINDOWS\system32\es.dll - ok
23:45:43.0343 1808 [ 80F08F50D248EEEEB9256F6522891D40 ] C:\Program Files\Java\jre7\bin\jqs.exe
23:45:43.0343 1808 C:\Program Files\Java\jre7\bin\jqs.exe - ok
23:45:43.0359 1808 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
23:45:43.0359 1808 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
23:45:43.0359 1808 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
23:45:43.0359 1808 C:\WINDOWS\system32\hidserv.dll - ok
23:45:43.0375 1808 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
23:45:43.0375 1808 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
23:45:43.0375 1808 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
23:45:43.0375 1808 C:\WINDOWS\system32\hid.dll - ok
23:45:43.0390 1808 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
23:45:43.0390 1808 C:\WINDOWS\system32\odbcbcp.dll - ok
23:45:43.0390 1808 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
23:45:43.0390 1808 C:\WINDOWS\system32\pdh.dll - ok
23:45:43.0390 1808 [ BE2DC24D403643A2D1D98F33C7087B38 ] C:\WINDOWS\system32\drivers\LBeepKE.sys
23:45:43.0390 1808 C:\WINDOWS\system32\drivers\LBeepKE.sys - ok
23:45:43.0406 1808 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
23:45:43.0406 1808 C:\WINDOWS\system32\srvsvc.dll - ok
23:45:43.0406 1808 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:45:43.0406 1808 C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
23:45:43.0421 1808 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
23:45:43.0421 1808 C:\WINDOWS\system32\netmsg.dll - ok
23:45:43.0421 1808 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
23:45:43.0421 1808 C:\WINDOWS\system32\drivers\srv.sys - ok
23:45:43.0437 1808 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
23:45:43.0437 1808 C:\WINDOWS\system32\perfos.dll - ok
23:45:43.0437 1808 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
23:45:43.0437 1808 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
23:45:43.0453 1808 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
23:45:43.0453 1808 C:\WINDOWS\system32\perfdisk.dll - ok
23:45:43.0453 1808 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
23:45:43.0453 1808 C:\WINDOWS\system32\drivers\cdfs.sys - ok
23:45:43.0468 1808 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
23:45:43.0468 1808 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
23:45:43.0468 1808 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
23:45:43.0468 1808 C:\WINDOWS\system32\spoolss.dll - ok
23:45:43.0484 1808 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
23:45:43.0484 1808 C:\WINDOWS\system32\localspl.dll - ok
23:45:43.0484 1808 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
23:45:43.0484 1808 C:\WINDOWS\system32\cnbjmon.dll - ok
23:45:43.0500 1808 [ CC6292CA575E851E5B74BF8883AB967A ] C:\WINDOWS\system32\fxsmon.dll
23:45:43.0500 1808 C:\WINDOWS\system32\fxsmon.dll - ok
23:45:43.0500 1808 [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
23:45:43.0500 1808 C:\WINDOWS\system32\fxsevent.dll - ok
23:45:43.0500 1808 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
23:45:43.0500 1808 C:\WINDOWS\system32\msonpmon.dll - ok
23:45:43.0515 1808 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
23:45:43.0515 1808 C:\WINDOWS\system32\pjlmon.dll - ok
23:45:43.0515 1808 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
23:45:43.0515 1808 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
23:45:43.0531 1808 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
23:45:43.0531 1808 C:\WINDOWS\system32\msi.dll - ok
23:45:43.0531 1808 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
23:45:43.0531 1808 C:\WINDOWS\system32\tcpmon.dll - ok
23:45:43.0546 1808 [ 1633409E67F1BD6E5AC8ECB9CD5D2027 ] C:\WINDOWS\system32\nvsvc32.exe
23:45:43.0546 1808 C:\WINDOWS\system32\nvsvc32.exe - ok
23:45:43.0546 1808 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
23:45:43.0546 1808 C:\WINDOWS\system32\powrprof.dll - ok
23:45:43.0562 1808 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
23:45:43.0562 1808 C:\WINDOWS\system32\usbmon.dll - ok
23:45:43.0578 1808 [ A4DF135D9CBE77CD3F6E272558C2B907 ] C:\WINDOWS\system32\nvcpl.dll
23:45:43.0578 1808 C:\WINDOWS\system32\nvcpl.dll - ok
23:45:43.0578 1808 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
23:45:43.0578 1808 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
23:45:43.0578 1808 [ 53B518B36FF81CB21334E43237B7B461 ] C:\Program Files\Arcadyan Wireless\pctwpasv.exe
23:45:43.0578 1808 C:\Program Files\Arcadyan Wireless\pctwpasv.exe - ok
23:45:43.0593 1808 [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
23:45:43.0593 1808 C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
23:45:43.0593 1808 [ 291778DFEBAA278B451D457B03C10AC1 ] C:\WINDOWS\system32\win32spl.dll
23:45:43.0593 1808 C:\WINDOWS\system32\win32spl.dll - ok
23:45:43.0609 1808 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
23:45:43.0609 1808 C:\WINDOWS\system32\netrap.dll - ok
23:45:43.0609 1808 [ 90FCB99048A4E6527B7F9AE28D896D50 ] C:\WINDOWS\system32\PCTIN50.dll
23:45:43.0609 1808 C:\WINDOWS\system32\PCTIN50.dll - ok
23:45:43.0625 1808 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
23:45:43.0625 1808 C:\WINDOWS\system32\cfgmgr32.dll - ok
23:45:43.0625 1808 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
23:45:43.0625 1808 C:\WINDOWS\system32\inetpp.dll - ok
23:45:43.0640 1808 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
23:45:43.0640 1808 C:\WINDOWS\system32\ipsecsvc.dll - ok
23:45:43.0640 1808 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
23:45:43.0640 1808 C:\WINDOWS\system32\oakley.dll - ok
23:45:43.0640 1808 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
23:45:43.0640 1808 C:\WINDOWS\system32\seclogon.dll - ok
23:45:43.0656 1808 [ 60C377BE6B3CC83F6A8584934B181D2E ] C:\WINDOWS\system32\snmp.exe
23:45:43.0656 1808 C:\WINDOWS\system32\snmp.exe - ok
23:45:43.0656 1808 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
23:45:43.0656 1808 C:\WINDOWS\system32\winipsec.dll - ok
23:45:43.0687 1808 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
23:45:43.0687 1808 C:\WINDOWS\system32\pstorsvc.dll - ok
23:45:43.0687 1808 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
23:45:43.0687 1808 C:\WINDOWS\system32\psbase.dll - ok
23:45:43.0703 1808 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
23:45:43.0703 1808 C:\WINDOWS\system32\sens.dll - ok
23:45:43.0703 1808 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
23:45:43.0703 1808 C:\WINDOWS\system32\snmpapi.dll - ok
23:45:43.0718 1808 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
23:45:43.0718 1808 C:\WINDOWS\system32\dssenh.dll - ok
23:45:43.0718 1808 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
23:45:43.0718 1808 C:\WINDOWS\system32\srsvc.dll - ok
23:45:43.0734 1808 [ 7AC9F99C9E12A5C0C35B0A9891543AEC ] C:\WINDOWS\system32\lmmib2.dll
23:45:43.0734 1808 C:\WINDOWS\system32\lmmib2.dll - ok
23:45:43.0734 1808 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
23:45:43.0734 1808 C:\WINDOWS\system32\cscui.dll - ok
23:45:43.0765 1808 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
23:45:43.0765 1808 C:\WINDOWS\system32\wiaservc.dll - ok
23:45:43.0781 1808 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
23:45:43.0781 1808 C:\WINDOWS\system32\tapisrv.dll - ok
23:45:43.0796 1808 [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll
23:45:43.0796 1808 C:\WINDOWS\system32\inetmib1.dll - ok
23:45:43.0796 1808 [ C744B07A16F5FBAAF2892716F4DBCB1B ] C:\WINDOWS\system32\hostmib.dll
23:45:43.0796 1808 C:\WINDOWS\system32\hostmib.dll - ok
23:45:43.0812 1808 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
23:45:43.0812 1808 C:\WINDOWS\system32\trkwks.dll - ok
23:45:43.0812 1808 [ 8024D3127CEF94313F1EF7BFF08E3CE8 ] C:\WINDOWS\system32\nvapi.dll
23:45:43.0812 1808 C:\WINDOWS\system32\nvapi.dll - ok
23:45:43.0828 1808 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
23:45:43.0828 1808 C:\WINDOWS\system32\mscms.dll - ok
23:45:43.0843 1808 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
23:45:43.0843 1808 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
23:45:43.0859 1808 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
23:45:43.0859 1808 C:\WINDOWS\system32\dpcdll.dll - ok
23:45:43.0859 1808 [ 744AE70A13159554BE527CB3409AD604 ] C:\WINDOWS\system32\nvdisps.dll
23:45:43.0859 1808 C:\WINDOWS\system32\nvdisps.dll - ok
23:45:43.0875 1808 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
23:45:43.0875 1808 C:\WINDOWS\system32\vssapi.dll - ok
23:45:43.0875 1808 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
23:45:43.0875 1808 C:\WINDOWS\system32\wdmaud.drv - ok
23:45:43.0890 1808 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
23:45:43.0890 1808 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
23:45:43.0890 1808 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
23:45:43.0890 1808 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
23:45:43.0906 1808 [ E97D6A8684466DF94FF3BC24FB787A07 ] C:\WINDOWS\system32\fxssvc.exe
23:45:43.0906 1808 C:\WINDOWS\system32\fxssvc.exe - ok
23:45:43.0921 1808 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
23:45:43.0921 1808 C:\WINDOWS\system32\browser.dll - ok
23:45:43.0921 1808 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
23:45:43.0921 1808 C:\WINDOWS\system32\credui.dll - ok
23:45:43.0937 1808 [ 1144EF6B4BB72E33B41912AE1AE4F97A ] C:\WINDOWS\system32\fxstiff.dll
23:45:43.0937 1808 C:\WINDOWS\system32\fxstiff.dll - ok
23:45:43.0937 1808 [ 0329D0A4F230094B669A87BB3B85606E ] C:\WINDOWS\system32\fxsapi.dll
23:45:43.0937 1808 C:\WINDOWS\system32\fxsapi.dll - ok
23:45:43.0937 1808 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
23:45:43.0937 1808 C:\WINDOWS\system32\comsvcs.dll - ok
23:45:43.0953 1808 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
23:45:43.0953 1808 C:\WINDOWS\system32\colbact.dll - ok
23:45:43.0953 1808 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
23:45:43.0953 1808 C:\WINDOWS\system32\mtxclu.dll - ok
23:45:43.0968 1808 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
23:45:43.0968 1808 C:\WINDOWS\system32\drivers\splitter.sys - ok
23:45:43.0968 1808 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
23:45:43.0968 1808 C:\WINDOWS\system32\clusapi.dll - ok
23:45:43.0984 1808 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
23:45:43.0984 1808 C:\WINDOWS\system32\drivers\aec.sys - ok
23:45:44.0000 1808 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
23:45:44.0000 1808 C:\WINDOWS\system32\resutils.dll - ok
23:45:44.0000 1808 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
23:45:44.0000 1808 C:\WINDOWS\system32\drivers\swmidi.sys - ok
23:45:44.0031 1808 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
23:45:44.0031 1808 C:\WINDOWS\system32\drivers\dmusic.sys - ok
23:45:44.0062 1808 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
23:45:44.0062 1808 C:\WINDOWS\system32\shfolder.dll - ok
23:45:44.0062 1808 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
23:45:44.0062 1808 C:\WINDOWS\system32\drivers\kmixer.sys - ok
23:45:44.0187 1808 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
23:45:44.0187 1808 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
23:45:44.0218 1808 [ 0CE5F8AE9C371A965D17E3F2ED134809 ] C:\WINDOWS\system32\fxst30.dll
23:45:44.0218 1808 C:\WINDOWS\system32\fxst30.dll - ok
23:45:44.0218 1808 [ 2D583E2844FDD592D1629EB6B10E5702 ] C:\WINDOWS\system32\fxsroute.dll
23:45:44.0218 1808 C:\WINDOWS\system32\fxsroute.dll - ok
23:45:44.0234 1808 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
23:45:44.0234 1808 C:\WINDOWS\system32\rundll32.exe - ok
23:45:44.0234 1808 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
23:45:44.0234 1808 C:\WINDOWS\system32\unimdm.tsp - ok
23:45:44.0234 1808 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
23:45:44.0234 1808 C:\WINDOWS\system32\uniplat.dll - ok
23:45:44.0250 1808 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
23:45:44.0250 1808 C:\WINDOWS\system32\msacm32.drv - ok
23:45:44.0250 1808 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
23:45:44.0250 1808 C:\WINDOWS\system32\midimap.dll - ok
23:45:44.0250 1808 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
23:45:44.0250 1808 C:\WINDOWS\system32\unimdmat.dll - ok
23:45:44.0265 1808 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
23:45:44.0265 1808 C:\WINDOWS\system32\modemui.dll - ok
23:45:44.0265 1808 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
23:45:44.0265 1808 C:\WINDOWS\system32\kmddsp.tsp - ok
23:45:44.0265 1808 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
23:45:44.0265 1808 C:\WINDOWS\system32\ndptsp.tsp - ok
23:45:44.0281 1808 [ 14390243E43F290A61B0B1FB3602DC4F ] C:\WINDOWS\system32\evntagnt.dll
23:45:44.0281 1808 C:\WINDOWS\system32\evntagnt.dll - ok
23:45:44.0281 1808 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
23:45:44.0281 1808 C:\WINDOWS\system32\ipconf.tsp - ok
23:45:44.0281 1808 [ 6A473B625E465946F73FB2C24412656C ] C:\WINDOWS\system32\snmpmib.dll
23:45:44.0296 1808 C:\WINDOWS\system32\snmpmib.dll - ok
23:45:44.0296 1808 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
23:45:44.0296 1808 C:\WINDOWS\system32\h323.tsp - ok
23:45:44.0296 1808 [ 480A97A55E986FA4733282D67737FAF8 ] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
23:45:44.0296 1808 C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe - ok
23:45:44.0312 1808 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
23:45:44.0312 1808 C:\WINDOWS\system32\hidphone.tsp - ok
23:45:44.0312 1808 [ 384DA6A9C70889F01B99888C5E07072C ] C:\WINDOWS\system32\igmpagnt.dll
23:45:44.0312 1808 C:\WINDOWS\system32\igmpagnt.dll - ok
23:45:44.0312 1808 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
23:45:44.0312 1808 C:\WINDOWS\system32\userinit.exe - ok
23:45:44.0328 1808 [ 93F02F396720478C656D65ECFB65A497 ] C:\WINDOWS\system32\mcastmib.dll
23:45:44.0328 1808 C:\WINDOWS\system32\mcastmib.dll - ok
23:45:44.0328 1808 [ D022E59E6F132660B2D7E66D41FFB341 ] C:\WINDOWS\system32\rtipxmib.dll
23:45:44.0328 1808 C:\WINDOWS\system32\rtipxmib.dll - ok
23:45:44.0328 1808 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
23:45:44.0328 1808 C:\WINDOWS\explorer.exe - ok
23:45:44.0343 1808 [ DEFEE5DEDD20C1E15532E88D5A4F7C96 ] C:\WINDOWS\system32\browseui.dll
23:45:44.0343 1808 C:\WINDOWS\system32\browseui.dll - ok
23:45:44.0343 1808 [ 5E283C987ED4BB42323A3C722EEBC081 ] C:\WINDOWS\system32\shdocvw.dll
23:45:44.0343 1808 C:\WINDOWS\system32\shdocvw.dll - ok
23:45:44.0343 1808 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
23:45:44.0343 1808 C:\WINDOWS\system32\actxprxy.dll - ok
23:45:44.0359 1808 [ 30DB64D316F502558DB2380F7343C9FD ] C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
23:45:44.0359 1808 C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL - ok
23:45:44.0359 1808 [ 207204AF80505AF51271FE164B56F662 ] C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll
23:45:44.0359 1808 C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll - ok
23:45:44.0359 1808 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll
23:45:44.0359 1808 C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll - ok
23:45:44.0375 1808 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
23:45:44.0375 1808 C:\WINDOWS\system32\termsrv.dll - ok
23:45:44.0375 1808 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
23:45:44.0375 1808 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
23:45:44.0375 1808 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
23:45:44.0375 1808 C:\WINDOWS\system32\icaapi.dll - ok
23:45:44.0390 1808 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
23:45:44.0390 1808 C:\WINDOWS\system32\desk.cpl - ok
23:45:44.0390 1808 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
23:45:44.0390 1808 C:\WINDOWS\system32\mstlsapi.dll - ok
23:45:44.0390 1808 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
23:45:44.0390 1808 C:\WINDOWS\system32\themeui.dll - ok
23:45:44.0406 1808 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
23:45:44.0406 1808 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
23:45:44.0406 1808 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
23:45:44.0406 1808 C:\WINDOWS\system32\msxml3.dll - ok
23:45:44.0406 1808 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
23:45:44.0406 1808 C:\WINDOWS\system32\cmd.exe - ok
23:45:44.0421 1808 [ CE5BC065C74C0A49486664CF71E0CA0A ] C:\WINDOWS\system32\ieframe.dll
23:45:44.0421 1808 C:\WINDOWS\system32\ieframe.dll - ok
23:45:44.0421 1808 [ 480A97A55E986FA4733282D67737FAF8 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe
23:45:44.0421 1808 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe - ok
23:45:44.0421 1808 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
23:45:44.0421 1808 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
23:45:44.0437 1808 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\FB0EFC92-7212-42C4-A250-28A2D7E03F4E.exe
23:45:44.0437 1808 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\FB0EFC92-7212-42C4-A250-28A2D7E03F4E.exe - ok
23:45:44.0437 1808 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
23:45:44.0437 1808 C:\WINDOWS\system32\msutb.dll - ok
23:45:44.0437 1808 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
23:45:44.0437 1808 C:\WINDOWS\system32\msctf.dll - ok
23:45:44.0453 1808 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
23:45:44.0453 1808 C:\WINDOWS\system32\winhttp.dll - ok
23:45:44.0453 1808 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
23:45:44.0453 1808 C:\WINDOWS\system32\linkinfo.dll - ok
23:45:44.0453 1808 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
23:45:44.0453 1808 C:\WINDOWS\system32\ntshrui.dll - ok
23:45:44.0468 1808 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
23:45:44.0468 1808 C:\WINDOWS\system32\verclsid.exe - ok
23:45:44.0484 1808 [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
23:45:44.0484 1808 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
23:45:44.0484 1808 [ 9583183A032C85706B81B92A25C5B331 ] C:\WINDOWS\RTHDCPL.exe
23:45:44.0484 1808 C:\WINDOWS\RTHDCPL.exe - ok
23:45:44.0484 1808 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
23:45:44.0484 1808 C:\WINDOWS\system32\hhctrl.ocx - ok
23:45:44.0500 1808 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
23:45:44.0500 1808 C:\WINDOWS\system32\netshell.dll - ok
23:45:44.0500 1808 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
23:45:44.0500 1808 C:\WINDOWS\system32\dsound.dll - ok
23:45:44.0500 1808 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
23:45:44.0500 1808 C:\WINDOWS\system32\dot3dlg.dll - ok
23:45:44.0515 1808 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
23:45:44.0515 1808 C:\WINDOWS\system32\onex.dll - ok
23:45:44.0515 1808 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
23:45:44.0515 1808 C:\WINDOWS\system32\eappcfg.dll - ok
23:45:44.0515 1808 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
23:45:44.0515 1808 C:\WINDOWS\system32\eappprxy.dll - ok
23:45:44.0531 1808 [ 469690B9702F02AF087EA52B3B843202 ] C:\WINDOWS\SOUNDMAN.EXE
23:45:44.0531 1808 C:\WINDOWS\SOUNDMAN.EXE - ok
23:45:44.0531 1808 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
23:45:44.0531 1808 C:\WINDOWS\system32\webcheck.dll - ok
23:45:44.0531 1808 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
23:45:44.0531 1808 C:\WINDOWS\system32\stobject.dll - ok
23:45:44.0546 1808 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
23:45:44.0546 1808 C:\WINDOWS\system32\batmeter.dll - ok
23:45:44.0546 1808 [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
23:45:44.0546 1808 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
23:45:44.0546 1808 [ 439231898C6FDC13996AE3D733D00FBA ] C:\WINDOWS\system32\CTHELPER.EXE
23:45:44.0546 1808 C:\WINDOWS\system32\CTHELPER.EXE - ok
23:45:44.0562 1808 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
23:45:44.0562 1808 C:\WINDOWS\system32\sensapi.dll - ok
23:45:44.0562 1808 [ 897C26D149F4750FAF8666727DD5DD0A ] C:\WINDOWS\ALCWZRD.EXE
23:45:44.0562 1808 C:\WINDOWS\ALCWZRD.EXE - ok
23:45:44.0562 1808 [ 310F1E8A0781887BA1C217448C0E4D48 ] C:\WINDOWS\SMINST\Recguard.exe
23:45:44.0562 1808 C:\WINDOWS\SMINST\Recguard.exe - ok
23:45:44.0578 1808 [ 25CF0DAE6043D8167B813ED7CDE5C76E ] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe
23:45:44.0578 1808 C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe - ok
23:45:45.0968 1808 ============================================================
23:45:45.0968 1808 Scan finished
23:45:45.0968 1808 ============================================================
23:45:45.0984 1796 Detected object count: 17
23:45:45.0984 1796 Actual detected object count: 17
23:46:46.0953 1796 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0953 1796 ctac32k ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 ctac32k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0953 1796 ctdvda2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 ctdvda2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0953 1796 ctprxy2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 ctprxy2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0953 1796 ctsfm2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 ctsfm2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0953 1796 emupia ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 emupia ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0953 1796 ha10kx2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 ha10kx2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0953 1796 hap16v2k ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0953 1796 hap16v2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0968 1796 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0968 1796 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0968 1796 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0968 1796 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0968 1796 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0968 1796 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0968 1796 PCTWPASV ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0968 1796 PCTWPASV ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0968 1796 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0968 1796 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0968 1796 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0968 1796 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0968 1796 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:46:46.0968 1796 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:46:46.0984 1796 USBCM ( UnsignedFile.Multi.Generic ) - skipped by user
23:46:46.0984 1796 USBCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:46:46.0984 1796 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:46:46.0984 1796 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

------------------------------------------------------------------------------------------------------

FSS.txt

Farbar Service Scanner Version: 19-10-2012
Ran by Compaq_Owner (administrator) on 23-10-2012 at 23:49:47
Running from "C:\Documents and Settings\Compaq_Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(14) Bridge(10) BridgeMP(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0F0000000400000001000000020000000300000056000000050000000600000007000000090000000A000000080000000B0000000C0000000D0000000E000000
IpSec Tag value is correct.

**** End of log ****

Edited by younggeeza, 23 October 2012 - 04:52 PM.

  • 0

#8
younggeeza


    Member

  • Topic Starter
  • Member
  • 112 posts
Another symptom I have is that my pc refuses to wake up from hibernation after I don't touch it for a while.
  • 0

#9
Nedklaw


    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

Run TDSSKiller using the same instructions as before and when you get to the following screen, the TDSS File System needs to be changed from Skip to Delete. You must leave all of the other items as Skip and then click Continue to remove the TDSS File System.

Posted Image

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Step 2

  • Download RogueKiller and save it onto your desktop.
  • Quit all programs.
  • Start RogueKiller.exe.
  • Note: If RogueKiller has been blocked, do not hesitate to try several times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.
  • Wait until the Prescan has finished.
  • Click on Scan.

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.
  • Next click on ShortcutsFix.
  • The report has been created on the desktop.

Step 3

If you have the paid version of Malwarebytes 1.6 or later installed, please disable it for the duration of this run.

To disable MBAM

Open the scanner and select the Protection tab.
Remove the tick from Start protection module with Windows.
Reboot and then run OTL.



Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :Commands 
    [CREATERESTOREPOINT] 
    
    :OTL 
    DRV - File not found [Kernel | Disabled | Running] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys -- (Micorsoft Windows Service)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ahru8icz)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (afydi3mo)
    O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
    O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
    
    :Files
    ipconfig /flushdns /c
    
    :Commands 
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • If no log appears upon reboot, the OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

Step 4

Let's try to run ComboFix using this command:

Click Start - then copy/paste the following bolded text into the Run box & press OK.

"%userprofile%\desktop\combofix.exe" /killall

When finished, it shall produce a log for you. Post that log in your next reply.


Things I want to see in your next reply

  • TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • All RKreport.txt files
  • OTL Fix Log
  • OTL.txt
  • ComboFix.txt

  • 0
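The entries listed in the OTL fix script above share traits that can be checked mechanically: driver services with no image path or an image under a Temp directory, and autostart values (Run, Winlogon UserInit) pointing into a per-user data folder. The following is an added example, not part of the original post and not OTL's own logic, that applies those checks to OTL-style log lines. The rule set, function names and the two benign sample lines are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Lines 1-5 are the entries from the fix script in the post above; the last
# two are CONSTRUCTED benign entries added for contrast.
SAMPLE_OTL_LINES = r"""
DRV - File not found [Kernel | Disabled | Running] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys -- (Micorsoft Windows Service)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ahru8icz)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (afydi3mo)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
DRV - [2008/04/13 19:36:05 | 000,138,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
""".strip().splitlines()

# [type | start | state] -- <image path, possibly empty> -- (service name)
DRV_RE = re.compile(
    r"\[(?P<type>[^|\]]+)\|(?P<start>[^|\]]+)\|(?P<state>[^|\]]+)\] -- "
    r"(?P<path>.*?)\s*-- \((?P<name>[^)]*)\)$"
)
RUN_RE = re.compile(r"^O4 - (?P<hive>\S+)\\Run: \[(?P<value>[^\]]+)\] (?P<target>.*)$")
USERINIT_RE = re.compile(r"^O20 - HKLM Winlogon: UserInit - \((?P<value>[^)]*)\)")

# Assumed heuristic: locations a standard user can write to on Windows XP.
USER_WRITABLE = ("\\temp\\", "\\local settings\\", "\\application data\\", "\\appdata\\")


@dataclass
class Finding:
    line_no: int
    entry: str
    reasons: list


def in_user_writable(path):
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE)


def check_driver(line):
    m = DRV_RE.search(line)
    if not m:
        return None, []
    reasons = []
    path, state = m["path"].strip(), m["state"].strip()
    missing = "File not found" in line
    if not path:
        reasons.append("driver service has no image path")
    elif in_user_writable(path):
        reasons.append("driver image is in a user-writable directory")
    if missing and state == "Running":
        reasons.append("driver is running but its file is not found on disk")
    elif missing:
        reasons.append("registered file not found")
    return m["name"], reasons


def check_run(line):
    m = RUN_RE.match(line)
    if not m:
        return None, []
    reasons = []
    if in_user_writable(m["target"]):
        reasons.append("Run value launches a binary from a per-user data directory")
    if m["target"].endswith("File not found"):
        reasons.append("Run value target not found on disk")
    return m["value"], reasons


def check_userinit(line):
    m = USERINIT_RE.match(line)
    if not m:
        return None, []
    # The value is a comma-separated list; the stock entry is system32\userinit.exe.
    entries = [e.strip() for e in m["value"].split(",") if e.strip()]
    extra = [e for e in entries if not e.lower().endswith("\\system32\\userinit.exe")]
    reasons = ["UserInit runs something other than system32\\userinit.exe"] if extra else []
    return "Winlogon UserInit", reasons


CHECKS = (
    ("DRV - ", check_driver),
    ("O4 - ", check_run),
    ("O20 - HKLM Winlogon: UserInit", check_userinit),
)


def triage(lines):
    """Return a Finding for every line that trips at least one heuristic."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        line = line.strip()
        for prefix, check in CHECKS:
            if line.startswith(prefix):
                entry, reasons = check(line)
                if reasons:
                    findings.append(Finding(line_no, entry, reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_OTL_LINES):
        print(f"line {f.line_no}: {f.entry}: " + "; ".join(f.reasons))
```

A hit from these checks is a prompt for manual review, not a verdict: legitimate software also installs into per-user folders, and uninstalled programs leave "File not found" entries behind.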

#10
younggeeza


    Member

  • Topic Starter
  • Member
  • 112 posts
I've also noticed this message appearing on PC startup.

Windows - virtual memory minimum too low.
Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file. During this process, memory requests for some applications may be denied.

TDSS Log

00:31:34.0750 3420 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
00:31:36.0484 3420 ============================================================
00:31:36.0484 3420 Current date / time: 2012/10/26 00:31:36.0484
00:31:36.0484 3420 SystemInfo:
00:31:36.0484 3420
00:31:36.0484 3420 OS Version: 5.1.2600 ServicePack: 3.0
00:31:36.0484 3420 Product type: Workstation
00:31:36.0484 3420 ComputerName: SILVER-LIGHTNIN
00:31:36.0484 3420 UserName: Compaq_Owner
00:31:36.0484 3420 Windows directory: C:\WINDOWS
00:31:36.0484 3420 System windows directory: C:\WINDOWS
00:31:36.0484 3420 Processor architecture: Intel x86
00:31:36.0484 3420 Number of processors: 2
00:31:36.0484 3420 Page size: 0x1000
00:31:36.0484 3420 Boot type: Normal boot
00:31:36.0484 3420 ============================================================
00:31:52.0875 3420 BG loaded
00:31:55.0640 3420 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
00:31:55.0859 3420 ============================================================
00:31:55.0859 3420 \Device\Harddisk0\DR0:
00:31:55.0890 3420 MBR partitions:
00:31:55.0890 3420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7E32F1
00:31:55.0890 3420 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7E3330, BlocksNum 0x1C9DD390
00:31:55.0890 3420 ============================================================
00:32:00.0625 3420 C: <-> \Device\Harddisk0\DR0\Partition2
00:32:01.0000 3420 D: <-> \Device\Harddisk0\DR0\Partition1
00:32:01.0062 3420 ============================================================
00:32:01.0062 3420 Initialize success
00:32:01.0062 3420 ============================================================
00:32:09.0578 2772 ============================================================
00:32:09.0578 2772 Scan started
00:32:09.0578 2772 Mode: Manual; SigCheck; TDLFS;
00:32:09.0578 2772 ============================================================
00:32:23.0656 2772 ================ Scan system memory ========================
00:32:23.0656 2772 System memory - ok
00:32:23.0656 2772 ================ Scan services =============================
00:32:26.0953 2772 Abiosdsk - ok
00:32:26.0968 2772 abp480n5 - ok
00:32:27.0062 2772 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:32:48.0906 2772 ACPI - ok
00:32:48.0984 2772 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
00:32:49.0250 2772 ACPIEC - ok
00:32:49.0296 2772 [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511 C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
00:32:49.0531 2772 ADM8511 - ok
00:32:49.0546 2772 adpu160m - ok
00:32:49.0859 2772 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:32:50.0078 2772 aec - ok
00:32:50.0140 2772 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
00:32:50.0218 2772 AegisP ( UnsignedFile.Multi.Generic ) - warning
00:32:50.0218 2772 AegisP - detected UnsignedFile.Multi.Generic (1)
00:32:50.0343 2772 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:32:50.0593 2772 AFD - ok
00:32:52.0140 2772 [ 994A42D273C35B43EE9D1E8A5D8BC639 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
00:32:52.0406 2772 AgereSoftModem - ok
00:32:52.0421 2772 Aha154x - ok
00:32:52.0421 2772 aic78u2 - ok
00:32:52.0437 2772 aic78xx - ok
00:32:52.0625 2772 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:32:52.0828 2772 Alerter - ok
00:32:52.0984 2772 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
00:32:53.0234 2772 ALG - ok
00:32:53.0234 2772 AliIde - ok
00:32:53.0359 2772 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
00:32:53.0843 2772 AmdK7 - ok
00:32:53.0843 2772 amsint - ok
00:32:54.0062 2772 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
00:32:54.0093 2772 Apple Mobile Device - ok
00:32:54.0109 2772 AppMgmt - ok
00:32:54.0125 2772 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:32:54.0421 2772 Arp1394 - ok
00:32:54.0437 2772 asc - ok
00:32:54.0453 2772 asc3350p - ok
00:32:54.0468 2772 asc3550 - ok
00:32:56.0031 2772 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:32:56.0312 2772 aspnet_state - ok
00:32:56.0375 2772 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:32:56.0609 2772 AsyncMac - ok
00:32:59.0875 2772 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:33:00.0109 2772 atapi - ok
00:33:00.0109 2772 Atdisk - ok
00:33:01.0453 2772 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:33:01.0875 2772 Atmarpc - ok
00:33:01.0984 2772 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:33:02.0250 2772 AudioSrv - ok
00:33:02.0421 2772 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:33:02.0562 2772 audstub - ok
00:33:02.0640 2772 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:33:02.0796 2772 Beep - ok
00:33:02.0906 2772 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:33:02.0953 2772 Bonjour Service - ok
00:33:03.0000 2772 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys
00:33:03.0671 2772 Bridge - ok
00:33:03.0734 2772 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys
00:33:03.0937 2772 BridgeMP - ok
00:33:04.0000 2772 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
00:33:04.0156 2772 Browser - ok
00:33:04.0156 2772 catchme - ok
00:33:04.0203 2772 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:33:04.0390 2772 cbidf2k - ok
00:33:04.0500 2772 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
00:33:04.0656 2772 CCDECODE - ok
00:33:04.0656 2772 cd20xrnt - ok
00:33:04.0828 2772 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:33:06.0859 2772 Cdaudio - ok
00:33:06.0875 2772 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:33:07.0046 2772 Cdfs - ok
00:33:07.0343 2772 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:33:07.0656 2772 Cdrom - ok
00:33:07.0656 2772 Changer - ok
00:33:07.0937 2772 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\WINDOWS\system32\cisvc.exe
00:33:08.0250 2772 cisvc - ok
00:33:08.0500 2772 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:33:08.0656 2772 ClipSrv - ok
00:33:09.0359 2772 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:33:10.0281 2772 clr_optimization_v2.0.50727_32 - ok
00:33:10.0812 2772 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:33:11.0062 2772 clr_optimization_v4.0.30319_32 - ok
00:33:11.0062 2772 CmdIde - ok
00:33:11.0062 2772 COMSysApp - ok
00:33:11.0078 2772 Cpqarray - ok
00:33:11.0125 2772 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:33:11.0328 2772 CryptSvc - ok
00:33:12.0546 2772 [ A5E67327B49E1F4341D470D8BBCBC401 ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys
00:33:13.0171 2772 ctac32k ( UnsignedFile.Multi.Generic ) - warning
00:33:13.0171 2772 ctac32k - detected UnsignedFile.Multi.Generic (1)
00:33:13.0375 2772 [ 29F78D59B053CB8778F8426E4E24099C ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys
00:33:13.0859 2772 ctdvda2k ( UnsignedFile.Multi.Generic ) - warning
00:33:13.0859 2772 ctdvda2k - detected UnsignedFile.Multi.Generic (1)
00:33:14.0359 2772 [ C7FC5D87B06207A5D34697B627826618 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys
00:33:14.0500 2772 ctprxy2k ( UnsignedFile.Multi.Generic ) - warning
00:33:14.0500 2772 ctprxy2k - detected UnsignedFile.Multi.Generic (1)
00:33:14.0875 2772 [ 2C0AF71CF0E1224A2DFC2B67E63B02B1 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys
00:33:15.0031 2772 ctsfm2k ( UnsignedFile.Multi.Generic ) - warning
00:33:15.0031 2772 ctsfm2k - detected UnsignedFile.Multi.Generic (1)
00:33:15.0046 2772 dac2w2k - ok
00:33:15.0046 2772 dac960nt - ok
00:33:15.0390 2772 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:33:15.0609 2772 DcomLaunch - ok
00:33:18.0312 2772 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:33:18.0500 2772 Dhcp - ok
00:33:19.0656 2772 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:33:19.0859 2772 Disk - ok
00:33:19.0859 2772 dmadmin - ok
00:33:26.0000 2772 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:33:27.0125 2772 dmboot - ok
00:33:27.0640 2772 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:33:27.0812 2772 dmio - ok
00:33:30.0906 2772 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:33:31.0453 2772 dmload - ok
00:33:32.0171 2772 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
00:33:32.0406 2772 dmserver - ok
00:33:32.0437 2772 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:33:32.0671 2772 DMusic - ok
00:33:32.0828 2772 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:33:33.0093 2772 Dnscache - ok
00:33:33.0546 2772 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:33:33.0734 2772 Dot3svc - ok
00:33:33.0734 2772 dpti2o - ok
00:33:33.0765 2772 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:33:33.0921 2772 drmkaud - ok
00:33:33.0921 2772 EagleXNt - ok
00:33:33.0984 2772 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:33:34.0156 2772 EapHost - ok
00:33:34.0218 2772 EL90XBC - ok
00:33:34.0265 2772 [ 091D37E0F5193F708C9006B1F2E23EE4 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys
00:33:34.0281 2772 emupia ( UnsignedFile.Multi.Generic ) - warning
00:33:34.0281 2772 emupia - detected UnsignedFile.Multi.Generic (1)
00:33:34.0328 2772 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:33:34.0546 2772 ERSvc - ok
00:33:34.0593 2772 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
00:33:34.0640 2772 Eventlog - ok
00:33:34.0718 2772 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
00:33:34.0781 2772 EventSystem - ok
00:33:34.0812 2772 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:33:35.0031 2772 Fastfat - ok
00:33:35.0093 2772 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:33:35.0234 2772 FastUserSwitchingCompatibility - ok
00:33:35.0906 2772 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
00:33:36.0062 2772 Fax - ok
00:33:36.0109 2772 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
00:33:36.0312 2772 Fdc - ok
00:33:36.0375 2772 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:33:36.0515 2772 Fips - ok
00:33:36.0562 2772 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:33:36.0765 2772 Flpydisk - ok
00:33:36.0937 2772 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:33:37.0109 2772 FltMgr - ok
00:33:37.0296 2772 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:33:37.0484 2772 FontCache3.0.0.0 - ok
00:33:37.0515 2772 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:33:37.0671 2772 Fs_Rec - ok
00:33:37.0734 2772 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:33:37.0906 2772 Ftdisk - ok
00:33:37.0984 2772 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
00:33:38.0015 2772 GEARAspiWDM - ok
00:33:38.0062 2772 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:33:41.0359 2772 Gpc - ok
00:33:41.0515 2772 [ 1AD88BCF3D043BAA58C15EB262625F9B ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys
00:33:41.0953 2772 ha10kx2k ( UnsignedFile.Multi.Generic ) - warning
00:33:41.0953 2772 ha10kx2k - detected UnsignedFile.Multi.Generic (1)
00:33:41.0984 2772 [ 8FF42F63C722A1DD4C91FF6A497FD6B2 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys
00:33:42.0046 2772 hap16v2k ( UnsignedFile.Multi.Generic ) - warning
00:33:42.0046 2772 hap16v2k - detected UnsignedFile.Multi.Generic (1)
00:33:42.0140 2772 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:33:42.0328 2772 HDAudBus - ok
00:33:42.0562 2772 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:33:42.0703 2772 helpsvc - ok
00:33:43.0015 2772 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
00:33:43.0187 2772 HidServ - ok
00:33:44.0203 2772 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:33:44.0359 2772 HidUsb - ok
00:33:44.0531 2772 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:33:44.0718 2772 hkmsvc - ok
00:33:44.0734 2772 hpn - ok
00:33:44.0859 2772 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:33:44.0937 2772 HTTP - ok
00:33:45.0015 2772 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:33:45.0187 2772 HTTPFilter - ok
00:33:45.0187 2772 i2omgmt - ok
00:33:45.0203 2772 i2omp - ok
00:33:45.0296 2772 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:33:45.0437 2772 i8042prt - ok
00:33:45.0984 2772 [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
00:33:46.0906 2772 ialm - ok
00:33:48.0265 2772 [ 737BC720D7019ABE8380E0C35869A4F4 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:33:48.0468 2772 IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:33:48.0468 2772 IDriverT - detected UnsignedFile.Multi.Generic (1)
00:33:50.0000 2772 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:33:50.0812 2772 idsvc - ok
00:33:50.0843 2772 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
00:33:50.0984 2772 Imapi - ok
00:33:51.0125 2772 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
00:33:51.0265 2772 ImapiService - ok
00:33:51.0281 2772 ini910u - ok
00:33:53.0062 2772 [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
00:33:54.0109 2772 IntcAzAudAddService - ok
00:33:54.0890 2772 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
00:33:55.0062 2772 IntelIde - ok
00:33:55.0093 2772 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:33:55.0265 2772 intelppm - ok
00:33:55.0281 2772 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:33:55.0453 2772 Ip6Fw - ok
00:33:55.0500 2772 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:33:55.0640 2772 IpFilterDriver - ok
00:33:55.0656 2772 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:33:55.0796 2772 IpInIp - ok
00:33:55.0984 2772 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:33:56.0187 2772 IpNat - ok
00:33:58.0046 2772 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:33:58.0359 2772 iPod Service - ok
00:33:58.0437 2772 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:33:58.0593 2772 IPSec - ok
00:33:58.0703 2772 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:33:58.0843 2772 IRENUM - ok
00:33:59.0046 2772 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:33:59.0203 2772 isapnp - ok
00:33:59.0250 2772 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
00:33:59.0281 2772 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
00:33:59.0281 2772 Iviaspi - detected UnsignedFile.Multi.Generic (1)
00:34:00.0750 2772 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
00:34:00.0781 2772 JavaQuickStarterService - ok
00:34:00.0968 2772 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:34:01.0109 2772 Kbdclass - ok
00:34:01.0171 2772 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:34:01.0312 2772 kbdhid - ok
00:34:01.0859 2772 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:34:02.0062 2772 kmixer - ok
00:34:02.0125 2772 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:34:02.0390 2772 KSecDD - ok
00:34:02.0578 2772 [ DC61F15187372D164769C841655E58F3 ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
00:34:03.0359 2772 L8042Kbd - ok
00:34:03.0484 2772 [ CB6E007D3A67CB80EE9DF2AFD4B0FC9D ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
00:34:03.0562 2772 L8042mou - ok
00:34:03.0609 2772 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:34:03.0828 2772 lanmanserver - ok
00:34:04.0187 2772 [ A8888A5327621856C0CEC4E385F69309 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
00:34:04.0421 2772 LanmanWorkstation - ok
00:34:04.0593 2772 [ BE2DC24D403643A2D1D98F33C7087B38 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
00:34:04.0609 2772 LBeepKE - ok
00:34:04.0609 2772 lbrtfdc - ok
00:34:07.0312 2772 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
00:34:07.0687 2772 LBTServ - ok
00:34:11.0453 2772 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
00:34:11.0500 2772 LHidFilt - ok
00:34:12.0500 2772 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:34:12.0703 2772 LmHosts - ok
00:34:13.0593 2772 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
00:34:13.0609 2772 LMouFilt - ok
00:34:14.0703 2772 [ 58597A99792461E89BB5C44E17508D70 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
00:34:14.0796 2772 LMouKE - ok
00:34:14.0906 2772 [ 0DEC219CB6EFCBC872F88F9AEC320EA6 ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
00:34:14.0937 2772 LUsbFilt - ok
00:34:15.0000 2772 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
00:34:15.0015 2772 MBAMProtector - ok
00:34:15.0234 2772 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:34:15.0359 2772 MBAMScheduler - ok
00:34:15.0468 2772 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
00:34:15.0484 2772 MBAMSwissArmy - ok
00:34:15.0515 2772 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:34:15.0687 2772 Messenger - ok
00:34:15.0906 2772 Micorsoft Windows Service - ok
00:34:16.0531 2772 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
00:34:16.0562 2772 Microsoft Office Groove Audit Service - ok
00:34:16.0812 2772 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:34:17.0015 2772 mnmdd - ok
00:34:18.0578 2772 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:34:18.0796 2772 mnmsrvc - ok
00:34:18.0921 2772 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:34:19.0109 2772 Modem - ok
00:34:19.0484 2772 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:34:19.0640 2772 Mouclass - ok
00:34:19.0921 2772 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:34:20.0078 2772 mouhid - ok
00:34:20.0109 2772 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:34:20.0265 2772 MountMgr - ok
00:34:20.0625 2772 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:34:20.0828 2772 MozillaMaintenance - ok
00:34:20.0828 2772 mraid35x - ok
00:34:20.0968 2772 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:34:21.0140 2772 MRxDAV - ok
00:34:21.0375 2772 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:34:21.0625 2772 MRxSmb - ok
00:34:21.0734 2772 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:34:21.0906 2772 MSDTC - ok
00:34:21.0953 2772 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:34:22.0125 2772 Msfs - ok
00:34:22.0125 2772 MSIServer - ok
00:34:22.0140 2772 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:34:22.0281 2772 MSKSSRV - ok
00:34:22.0453 2772 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:34:22.0609 2772 MSPCLOCK - ok
00:34:22.0656 2772 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:34:22.0812 2772 MSPQM - ok
00:34:22.0953 2772 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:34:23.0093 2772 mssmbios - ok
00:34:23.0109 2772 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:34:23.0281 2772 MSTEE - ok
00:34:23.0765 2772 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:34:23.0921 2772 Mup - ok
00:34:23.0968 2772 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:34:24.0156 2772 NABTSFEC - ok
00:34:25.0781 2772 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:34:26.0015 2772 napagent - ok
00:34:26.0125 2772 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:34:26.0281 2772 NDIS - ok
00:34:26.0515 2772 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:34:26.0656 2772 NdisIP - ok
00:34:26.0703 2772 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:34:26.0875 2772 NdisTapi - ok
00:34:26.0937 2772 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:34:27.0078 2772 Ndisuio - ok
00:34:27.0171 2772 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:34:27.0359 2772 NdisWan - ok
00:34:27.0421 2772 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:34:27.0546 2772 NDProxy - ok
00:34:27.0593 2772 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:34:27.0750 2772 NetBIOS - ok
00:34:27.0796 2772 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:34:27.0968 2772 NetBT - ok
00:34:28.0015 2772 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
00:34:28.0171 2772 NetDDE - ok
00:34:28.0250 2772 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:34:28.0359 2772 NetDDEdsdm - ok
00:34:28.0421 2772 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:34:28.0546 2772 Netlogon - ok
00:34:28.0609 2772 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
00:34:28.0750 2772 Netman - ok
00:34:28.0796 2772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:34:29.0015 2772 NetTcpPortSharing - ok
00:34:29.0062 2772 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:34:29.0203 2772 NIC1394 - ok
00:34:29.0296 2772 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
00:34:29.0375 2772 Nla - ok
00:34:29.0406 2772 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
00:34:29.0562 2772 nm - ok
00:34:29.0750 2772 [ B4E87D4F40C57D036E821BD06DB1D1B7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
00:34:30.0343 2772 nmwcd - ok
00:34:30.0375 2772 [ BEE0ADDF01D62725DDC2CC113D6B374C ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
00:34:30.0437 2772 nmwcdc - ok
00:34:30.0484 2772 [ 6623E51595C0076755C29C00846C4EB2 ] NPF C:\WINDOWS\system32\drivers\npf.sys
00:34:30.0515 2772 NPF - ok
00:34:30.0546 2772 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:34:30.0671 2772 Npfs - ok
00:34:31.0921 2772 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:34:32.0234 2772 Ntfs - ok
00:34:32.0328 2772 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
00:34:32.0609 2772 NtLmSsp - ok
00:34:32.0937 2772 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:34:33.0296 2772 NtmsSvc - ok
00:34:33.0812 2772 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
00:34:33.0843 2772 NuidFltr - ok
00:34:33.0937 2772 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:34:34.0078 2772 Null - ok
00:34:36.0968 2772 [ 9E143FB3EF13B7EC1C1DD06529DEBADD ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:34:38.0328 2772 nv - ok
00:34:38.0390 2772 [ 1633409E67F1BD6E5AC8ECB9CD5D2027 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
00:34:38.0437 2772 NVSvc - ok
00:34:38.0468 2772 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:34:38.0656 2772 NwlnkFlt - ok
00:34:38.0890 2772 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:34:39.0078 2772 NwlnkFwd - ok
00:34:39.0437 2772 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:34:39.0687 2772 odserv - ok
00:34:39.0734 2772 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:34:39.0890 2772 ohci1394 - ok
00:34:40.0671 2772 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:34:40.0750 2772 ose - ok
00:34:40.0781 2772 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
00:34:41.0015 2772 Parport - ok
00:34:42.0250 2772 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:34:42.0437 2772 PartMgr - ok
00:34:42.0468 2772 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:34:42.0625 2772 ParVdm - ok
00:34:42.0718 2772 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
00:34:42.0796 2772 pccsmcfd - ok
00:34:42.0828 2772 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:34:42.0984 2772 PCI - ok
00:34:43.0000 2772 PCIDump - ok
00:34:43.0031 2772 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:34:43.0187 2772 PCIIde - ok
00:34:43.0218 2772 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:34:43.0390 2772 Pcmcia - ok
00:34:43.0843 2772 [ A05145D98D8F74D8CA7E251C1E1B274D ] PCTINDIS5 C:\WINDOWS\System32\PCTINDIS5.SYS
00:34:43.0875 2772 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - warning
00:34:43.0875 2772 PCTINDIS5 - detected UnsignedFile.Multi.Generic (1)
00:34:44.0062 2772 [ 53B518B36FF81CB21334E43237B7B461 ] PCTWPASV C:\Program Files\Arcadyan Wireless\pctwpasv.exe
00:34:44.0093 2772 PCTWPASV ( UnsignedFile.Multi.Generic ) - warning
00:34:44.0093 2772 PCTWPASV - detected UnsignedFile.Multi.Generic (1)
00:34:44.0093 2772 PDCOMP - ok
00:34:44.0109 2772 PDFRAME - ok
00:34:44.0109 2772 PDRELI - ok
00:34:44.0125 2772 PDRFRAME - ok
00:34:44.0125 2772 perc2 - ok
00:34:44.0140 2772 perc2hib - ok
00:34:44.0296 2772 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
00:34:44.0359 2772 Pfc ( UnsignedFile.Multi.Generic ) - warning
00:34:44.0359 2772 Pfc - detected UnsignedFile.Multi.Generic (1)
00:34:44.0828 2772 [ 2F81E367875C5D7D6F05454BA84D27A9 ] PID_0920 C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
00:34:45.0125 2772 PID_0920 - ok
00:34:45.0234 2772 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
00:34:45.0281 2772 PlugPlay - ok
00:34:45.0515 2772 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:34:45.0625 2772 PolicyAgent - ok
00:34:45.0890 2772 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:34:46.0031 2772 PptpMiniport - ok
00:34:46.0203 2772 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00 C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
00:34:46.0437 2772 PRISM_A00 - ok
00:34:47.0718 2772 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
00:34:47.0921 2772 Processor - ok
00:34:47.0937 2772 PROCEXP151 - ok
00:34:48.0046 2772 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:34:48.0156 2772 ProtectedStorage - ok
00:34:48.0203 2772 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
00:34:48.0359 2772 Ps2 - ok
00:34:48.0781 2772 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:34:48.0906 2772 PSched - ok
00:34:49.0046 2772 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:34:49.0203 2772 Ptilink - ok
00:34:49.0296 2772 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:34:49.0375 2772 PxHelp20 - ok
00:34:49.0375 2772 ql1080 - ok
00:34:49.0390 2772 Ql10wnt - ok
00:34:49.0390 2772 ql12160 - ok
00:34:49.0406 2772 ql1240 - ok
00:34:49.0406 2772 ql1280 - ok
00:34:50.0250 2772 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:34:50.0859 2772 RasAcd - ok
00:34:52.0296 2772 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:34:52.0484 2772 RasAuto - ok
00:34:52.0906 2772 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:34:53.0093 2772 Rasl2tp - ok
00:34:53.0875 2772 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:34:54.0000 2772 RasMan - ok
00:34:54.0625 2772 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:34:54.0765 2772 RasPppoe - ok
00:34:54.0796 2772 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:34:54.0953 2772 Raspti - ok
00:34:55.0390 2772 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:34:55.0609 2772 Rdbss - ok
00:34:55.0640 2772 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:34:55.0812 2772 RDPCDD - ok
00:34:56.0765 2772 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:34:57.0031 2772 RDPWD - ok
00:34:58.0421 2772 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:34:58.0687 2772 RDSessMgr - ok
00:34:59.0000 2772 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:34:59.0171 2772 redbook - ok
00:34:59.0515 2772 RegKernelHelp - ok
00:34:59.0875 2772 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:35:00.0140 2772 RemoteAccess - ok
00:35:00.0500 2772 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
00:35:00.0625 2772 RimUsb - ok
00:35:01.0031 2772 [ E51A8D02B4BD33EBA1F7A5B76C3766ED ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
00:35:01.0171 2772 rpcapd - ok
00:35:01.0390 2772 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
00:35:01.0546 2772 RpcLocator - ok
00:35:01.0703 2772 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:35:01.0796 2772 RpcSs - ok
00:35:02.0015 2772 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
00:35:02.0203 2772 RSVP - ok
00:35:02.0281 2772 [ E2E588D92C8E151CD3515EE09FEC90E2 ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
00:35:02.0343 2772 rt2870 - ok
00:35:02.0406 2772 [ 67C9511A760149797E806FFD9F14AD37 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
00:35:02.0640 2772 RTL8023xp - ok
00:35:03.0031 2772 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
00:35:03.0093 2772 rtl8139 - ok
00:35:03.0125 2772 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
00:35:03.0250 2772 SamSs - ok
00:35:03.0296 2772 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:35:03.0468 2772 SCardSvr - ok
00:35:03.0578 2772 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:35:03.0718 2772 Schedule - ok
00:35:03.0968 2772 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:35:04.0125 2772 Secdrv - ok
00:35:04.0218 2772 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:35:04.0390 2772 seclogon - ok
00:35:04.0468 2772 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
00:35:04.0625 2772 SENS - ok
00:35:04.0718 2772 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
00:35:04.0859 2772 serenum - ok
00:35:04.0906 2772 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
00:35:05.0046 2772 Serial - ok
00:35:05.0796 2772 [ 3ADDDE282706E6CA90EE4A7324C9C243 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
00:35:06.0546 2772 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
00:35:06.0546 2772 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
00:35:06.0812 2772 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:35:06.0953 2772 Sfloppy - ok
00:35:07.0015 2772 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:35:07.0046 2772 ShellHWDetection - ok
00:35:07.0046 2772 Simbad - ok
00:35:07.0125 2772 [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys
00:35:07.0312 2772 SiS315 - ok
00:35:07.0359 2772 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
00:35:07.0468 2772 SISAGP - ok
00:35:08.0593 2772 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys
00:35:08.0656 2772 SiSkp - ok
00:35:10.0156 2772 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:35:10.0437 2772 SLIP - ok
00:35:12.0140 2772 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
00:35:12.0328 2772 SNMP - ok
00:35:12.0765 2772 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
00:35:12.0968 2772 SNMPTRAP - ok
00:35:12.0968 2772 Sparrow - ok
00:35:13.0218 2772 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:35:13.0421 2772 splitter - ok
00:35:16.0546 2772 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:35:17.0296 2772 Spooler - ok
00:35:17.0812 2772 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
00:35:17.0812 2772 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
00:35:17.0843 2772 sptd ( LockedFile.Multi.Generic ) - warning
00:35:17.0843 2772 sptd - detected LockedFile.Multi.Generic (1)
00:35:17.0859 2772 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:35:18.0031 2772 sr - ok
00:35:18.0609 2772 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
00:35:18.0828 2772 srservice - ok
00:35:18.0906 2772 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:35:19.0046 2772 Srv - ok
00:35:19.0125 2772 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:35:19.0312 2772 SSDPSRV - ok
00:35:19.0375 2772 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:35:19.0562 2772 stisvc - ok
00:35:19.0812 2772 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:35:19.0968 2772 streamip - ok
00:35:19.0984 2772 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:35:20.0125 2772 swenum - ok
00:35:20.0453 2772 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:35:20.0625 2772 swmidi - ok
00:35:20.0625 2772 SwPrv - ok
00:35:20.0640 2772 symc810 - ok
00:35:20.0640 2772 symc8xx - ok
00:35:22.0218 2772 SYMIDSCO - ok
00:35:22.0218 2772 sym_hi - ok
00:35:22.0218 2772 sym_u3 - ok
00:35:22.0359 2772 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:35:22.0500 2772 sysaudio - ok
00:35:26.0187 2772 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:35:26.0359 2772 SysmonLog - ok
00:35:27.0828 2772 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:35:27.0984 2772 TapiSrv - ok
00:35:29.0046 2772 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:35:29.0281 2772 Tcpip - ok
00:35:30.0843 2772 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:35:31.0218 2772 TDPIPE - ok
00:35:31.0562 2772 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:35:31.0937 2772 TDTCP - ok
00:35:32.0140 2772 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:35:32.0390 2772 TermDD - ok
00:35:32.0812 2772 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
00:35:33.0109 2772 TermService - ok
00:35:33.0296 2772 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
00:35:33.0390 2772 Themes - ok
00:35:33.0468 2772 TosIde - ok
00:35:33.0562 2772 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:35:33.0828 2772 TrkWks - ok
00:35:33.0875 2772 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:35:34.0125 2772 Udfs - ok
00:35:34.0125 2772 ultra - ok
00:35:34.0203 2772 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:35:34.0765 2772 Update - ok
00:35:34.0843 2772 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
00:35:35.0031 2772 upnphost - ok
00:35:35.0078 2772 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
00:35:35.0171 2772 upperdev - ok
00:35:35.0218 2772 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
00:35:35.0421 2772 UPS - ok
00:35:35.0703 2772 [ C1CA131F4E3ED63D6BC89A35FFAD4CDA ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
00:35:35.0890 2772 USBAAPL - ok
00:35:35.0937 2772 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
00:35:36.0125 2772 usbaudio - ok
00:35:36.0281 2772 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:35:36.0484 2772 usbccgp - ok
00:35:36.0562 2772 [ D21CDE1C635BCC5053463579EEE453CF ] USBCM C:\WINDOWS\system32\DRIVERS\Sacm1K.sys
00:35:36.0656 2772 USBCM ( UnsignedFile.Multi.Generic ) - warning
00:35:36.0656 2772 USBCM - detected UnsignedFile.Multi.Generic (1)
00:35:36.0703 2772 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:35:37.0265 2772 usbehci - ok
00:35:37.0421 2772 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:35:37.0593 2772 usbhub - ok
00:35:37.0812 2772 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
00:35:38.0078 2772 usbohci - ok
00:35:38.0218 2772 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
00:35:38.0578 2772 usbser - ok
00:35:38.0656 2772 [ EB2D3830646E393776E1EF98AC76A43D ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
00:35:38.0812 2772 UsbserFilt - ok
00:35:38.0875 2772 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:35:39.0031 2772 USBSTOR - ok
00:35:39.0281 2772 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:35:39.0593 2772 usbuhci - ok
00:35:40.0640 2772 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:35:40.0875 2772 VgaSave - ok
00:35:40.0875 2772 viaagp1 - ok
00:35:40.0953 2772 [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
00:35:41.0062 2772 viagfx - ok
00:35:41.0250 2772 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
00:35:41.0656 2772 ViaIde - ok
00:35:42.0187 2772 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:35:42.0750 2772 VolSnap - ok
00:35:43.0109 2772 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
00:35:43.0328 2772 VSS - ok
00:35:43.0734 2772 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
00:35:43.0953 2772 W32Time - ok
00:35:44.0656 2772 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:35:44.0828 2772 Wanarp - ok
00:35:46.0203 2772 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:35:46.0296 2772 Wdf01000 - ok
00:35:46.0296 2772 WDICA - ok
00:35:46.0828 2772 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:35:49.0031 2772 wdmaud - ok
00:35:49.0390 2772 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
00:35:49.0593 2772 WebClient - ok
00:35:50.0078 2772 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:35:50.0250 2772 winmgmt - ok
00:35:50.0562 2772 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
00:35:50.0734 2772 WmdmPmSN - ok
00:35:50.0843 2772 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
00:35:51.0093 2772 WmiApSrv - ok
00:35:54.0703 2772 [ 3730B84637CB6E28F6FFD38E0880BBB4 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
00:35:56.0078 2772 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
00:35:56.0078 2772 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
00:35:57.0750 2772 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:35:58.0875 2772 WPFFontCache_v0400 - ok
00:35:59.0031 2772 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:35:59.0546 2772 WSTCODEC - ok
00:36:00.0156 2772 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:36:00.0468 2772 WudfPf - ok
00:36:00.0937 2772 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:36:01.0000 2772 WudfRd - ok
00:36:01.0031 2772 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:36:01.0078 2772 WudfSvc - ok
00:36:02.0062 2772 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:36:02.0328 2772 WZCSVC - ok
00:36:02.0734 2772 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:36:02.0890 2772 xmlprov - ok
00:36:02.0906 2772 ================ Scan global ===============================
00:36:03.0000 2772 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
00:36:03.0156 2772 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:36:03.0203 2772 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:36:03.0250 2772 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
00:36:03.0250 2772 [Global] - ok
00:36:03.0250 2772 ================ Scan MBR ==================================
00:36:03.0281 2772 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:36:04.0109 2772 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:36:04.0109 2772 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:36:04.0109 2772 ================ Scan VBR ==================================
00:36:04.0156 2772 [ 4D6BD0FD208E1DC105384851928AC2DC ] \Device\Harddisk0\DR0\Partition1
00:36:04.0156 2772 \Device\Harddisk0\DR0\Partition1 - ok
00:36:04.0156 2772 [ 51BF0B28FBEEDDA7E13FD57DBFCA86D2 ] \Device\Harddisk0\DR0\Partition2
00:36:04.0203 2772 \Device\Harddisk0\DR0\Partition2 - ok
00:36:04.0203 2772 ================ Scan active images ========================
00:36:04.0203 2772 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
00:36:04.0203 2772 C:\WINDOWS\system32\drivers\processr.sys - ok
00:36:04.0218 2772 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\videoprt.sys - ok
00:36:04.0218 2772 [ 9E143FB3EF13B7EC1C1DD06529DEBADD ] C:\WINDOWS\system32\drivers\nv4_mini.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
00:36:04.0218 2772 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
00:36:04.0218 2772 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\usbport.sys - ok
00:36:04.0218 2772 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
00:36:04.0218 2772 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\usbehci.sys - ok
00:36:04.0218 2772 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\nic1394.sys - ok
00:36:04.0218 2772 [ 67C9511A760149797E806FFD9F14AD37 ] C:\WINDOWS\system32\drivers\Rtnicxp.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\Rtnicxp.sys - ok
00:36:04.0218 2772 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] C:\WINDOWS\system32\drivers\PCTELSAP.SYS
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\PCTELSAP.SYS - ok
00:36:04.0218 2772 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\ks.sys - ok
00:36:04.0218 2772 [ 994A42D273C35B43EE9D1E8A5D8BC639 ] C:\WINDOWS\system32\drivers\AGRSM.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\AGRSM.sys - ok
00:36:04.0218 2772 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\usbd.sys - ok
00:36:04.0218 2772 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\modem.sys - ok
00:36:04.0218 2772 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
00:36:04.0218 2772 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\parport.sys - ok
00:36:04.0218 2772 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
00:36:04.0218 2772 [ 9B793A1FFD480155FE9EE5261153F21B ] C:\WINDOWS\system32\drivers\PS2.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\PS2.sys - ok
00:36:04.0218 2772 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\imapi.sys - ok
00:36:04.0218 2772 [ 444F122E68DB44C0589227781F3C8B3F ] C:\WINDOWS\system32\drivers\pfc.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\pfc.sys - ok
00:36:04.0218 2772 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] C:\WINDOWS\system32\drivers\iviaspi.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\iviaspi.sys - ok
00:36:04.0218 2772 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\cdrom.sys - ok
00:36:04.0218 2772 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\redbook.sys - ok
00:36:04.0218 2772 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
00:36:04.0218 2772 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\audstub.sys - ok
00:36:04.0218 2772 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
00:36:04.0218 2772 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
00:36:04.0218 2772 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
00:36:04.0218 2772 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
00:36:04.0234 2772 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
00:36:04.0234 2772 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\tdi.sys - ok
00:36:04.0234 2772 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\psched.sys - ok
00:36:04.0234 2772 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\raspptp.sys - ok
00:36:04.0234 2772 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\msgpc.sys - ok
00:36:04.0234 2772 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\ptilink.sys - ok
00:36:04.0234 2772 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\raspti.sys - ok
00:36:04.0234 2772 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\termdd.sys - ok
00:36:04.0234 2772 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\mouclass.sys - ok
00:36:04.0234 2772 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\swenum.sys - ok
00:36:04.0234 2772 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\update.sys - ok
00:36:04.0234 2772 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
00:36:04.0234 2772 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
00:36:04.0234 2772 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\drmk.sys - ok
00:36:04.0234 2772 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\portcls.sys - ok
00:36:04.0234 2772 [ EAFD29C7918325B45E0DABAFD82EF75F ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
00:36:04.0234 2772 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\usbhub.sys - ok
00:36:04.0234 2772 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
00:36:04.0234 2772 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
00:36:04.0234 2772 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
00:36:04.0234 2772 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\beep.sys - ok
00:36:04.0234 2772 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\hidparse.sys - ok
00:36:04.0234 2772 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
00:36:04.0234 2772 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\null.sys - ok
00:36:04.0234 2772 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\vga.sys - ok
00:36:04.0234 2772 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
00:36:04.0234 2772 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
00:36:04.0234 2772 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\msfs.sys - ok
00:36:04.0234 2772 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
00:36:04.0234 2772 C:\WINDOWS\system32\drivers\ipsec.sys - ok
00:36:04.0250 2772 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\npfs.sys - ok
00:36:04.0250 2772 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\rasacd.sys - ok
00:36:04.0250 2772 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\tcpip.sys - ok
00:36:04.0250 2772 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\afd.sys - ok
00:36:04.0250 2772 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\netbt.sys - ok
00:36:04.0250 2772 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\wanarp.sys - ok
00:36:04.0250 2772 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\arp1394.sys - ok
00:36:04.0250 2772 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\netbios.sys - ok
00:36:04.0250 2772 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\serial.sys - ok
00:36:04.0250 2772 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] C:\WINDOWS\system32\drivers\amdk7.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\amdk7.sys - ok
00:36:04.0250 2772 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\intelppm.sys - ok
00:36:04.0250 2772 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] C:\WINDOWS\system32\drivers\srvkp.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\srvkp.sys - ok
00:36:04.0250 2772 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\rdbss.sys - ok
00:36:04.0250 2772 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
00:36:04.0250 2772 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\fips.sys - ok
00:36:04.0250 2772 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
00:36:04.0250 2772 C:\WINDOWS\system32\smss.exe - ok
00:36:04.0250 2772 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
00:36:04.0250 2772 C:\WINDOWS\system32\ntdll.dll - ok
00:36:04.0250 2772 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
00:36:04.0250 2772 C:\WINDOWS\system32\autochk.exe - ok
00:36:04.0250 2772 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
00:36:04.0250 2772 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\fastfat.sys - ok
00:36:04.0250 2772 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
00:36:04.0250 2772 C:\WINDOWS\system32\sfcfiles.dll - ok
00:36:04.0250 2772 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\usbstor.sys - ok
00:36:04.0250 2772 [ E2E588D92C8E151CD3515EE09FEC90E2 ] C:\WINDOWS\system32\drivers\rt2870.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\rt2870.sys - ok
00:36:04.0250 2772 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\hidclass.sys - ok
00:36:04.0250 2772 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\hidusb.sys - ok
00:36:04.0250 2772 [ 01CC7FB6E790EF044B411377F3A1FF41 ] C:\WINDOWS\system32\drivers\LHidFilt.Sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\LHidFilt.Sys - ok
00:36:04.0250 2772 [ FD47474BD21794508AF449D9D91AF6E6 ] C:\WINDOWS\system32\drivers\wdf01000.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\wdf01000.sys - ok
00:36:04.0250 2772 [ DED98A3E466251CCAB93D579144B048C ] C:\WINDOWS\system32\drivers\wdfldr.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\wdfldr.sys - ok
00:36:04.0250 2772 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
00:36:04.0250 2772 C:\WINDOWS\system32\drivers\mouhid.sys - ok
00:36:04.0390 2772 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
00:36:04.0390 2772 C:\WINDOWS\system32\uniplat.dll - ok
00:36:04.0390 2772 [ 8024D3127CEF94313F1EF7BFF08E3CE8 ] C:\WINDOWS\system32\nvapi.dll
00:36:04.0390 2772 C:\WINDOWS\system32\nvapi.dll - ok
00:36:04.0390 2772 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
00:36:04.0390 2772 C:\WINDOWS\system32\unimdmat.dll - ok
00:36:04.0390 2772 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
00:36:04.0390 2772 C:\WINDOWS\system32\modemui.dll - ok
00:36:04.0390 2772 [ 744AE70A13159554BE527CB3409AD604 ] C:\WINDOWS\system32\nvdisps.dll
00:36:04.0390 2772 C:\WINDOWS\system32\nvdisps.dll - ok
00:36:04.0390 2772 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
00:36:04.0390 2772 C:\WINDOWS\system32\kmddsp.tsp - ok
00:36:04.0390 2772 [ 6A473B625E465946F73FB2C24412656C ] C:\WINDOWS\system32\snmpmib.dll
00:36:04.0390 2772 C:\WINDOWS\system32\snmpmib.dll - ok
00:36:04.0390 2772 [ 14390243E43F290A61B0B1FB3602DC4F ] C:\WINDOWS\system32\evntagnt.dll
00:36:04.0390 2772 C:\WINDOWS\system32\evntagnt.dll - ok
00:36:04.0390 2772 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
00:36:04.0390 2772 C:\WINDOWS\system32\ndptsp.tsp - ok
00:36:04.0406 2772 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
00:36:04.0406 2772 C:\WINDOWS\system32\ipconf.tsp - ok
00:36:04.0406 2772 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
00:36:04.0406 2772 C:\WINDOWS\system32\h323.tsp - ok
00:36:04.0406 2772 [ 384DA6A9C70889F01B99888C5E07072C ] C:\WINDOWS\system32\igmpagnt.dll
00:36:04.0406 2772 C:\WINDOWS\system32\igmpagnt.dll - ok
00:36:04.0406 2772 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
00:36:04.0406 2772 C:\WINDOWS\system32\hidphone.tsp - ok
00:36:04.0406 2772 [ 93F02F396720478C656D65ECFB65A497 ] C:\WINDOWS\system32\mcastmib.dll
00:36:04.0406 2772 C:\WINDOWS\system32\mcastmib.dll - ok
00:36:04.0406 2772 [ D022E59E6F132660B2D7E66D41FFB341 ] C:\WINDOWS\system32\rtipxmib.dll
00:36:04.0406 2772 C:\WINDOWS\system32\rtipxmib.dll - ok
00:36:04.0406 2772 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
00:36:04.0406 2772 C:\WINDOWS\system32\cscui.dll - ok
00:36:04.0406 2772 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
00:36:04.0406 2772 C:\WINDOWS\system32\dpcdll.dll - ok
00:36:04.0406 2772 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
00:36:04.0406 2772 C:\WINDOWS\system32\wdmaud.drv - ok
00:36:04.0406 2772 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
00:36:04.0406 2772 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
00:36:04.0406 2772 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\splitter.sys - ok
00:36:04.0406 2772 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
00:36:04.0406 2772 C:\WINDOWS\system32\rundll32.exe - ok
00:36:04.0406 2772 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\aec.sys - ok
00:36:04.0406 2772 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\dmusic.sys - ok
00:36:04.0406 2772 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\swmidi.sys - ok
00:36:04.0406 2772 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\kmixer.sys - ok
00:36:04.0406 2772 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
00:36:04.0406 2772 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
00:36:04.0406 2772 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
00:36:04.0406 2772 C:\WINDOWS\system32\termsrv.dll - ok
00:36:04.0406 2772 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
00:36:04.0406 2772 C:\WINDOWS\system32\icaapi.dll - ok
00:36:04.0406 2772 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
00:36:04.0406 2772 C:\WINDOWS\system32\mstlsapi.dll - ok
00:36:04.0406 2772 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
00:36:04.0406 2772 C:\WINDOWS\system32\msacm32.drv - ok
00:36:04.0406 2772 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
00:36:04.0406 2772 C:\WINDOWS\system32\midimap.dll - ok
00:36:04.0406 2772 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
00:36:04.0406 2772 C:\WINDOWS\system32\userinit.exe - ok
00:36:04.0406 2772 [ 480A97A55E986FA4733282D67737FAF8 ] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
00:36:04.0406 2772 C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe - ok
00:36:04.0406 2772 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
00:36:04.0406 2772 C:\WINDOWS\explorer.exe - ok
00:36:04.0406 2772 [ DEFEE5DEDD20C1E15532E88D5A4F7C96 ] C:\WINDOWS\system32\browseui.dll
00:36:04.0406 2772 C:\WINDOWS\system32\browseui.dll - ok
00:36:04.0406 2772 [ 5E283C987ED4BB42323A3C722EEBC081 ] C:\WINDOWS\system32\shdocvw.dll
00:36:04.0406 2772 C:\WINDOWS\system32\shdocvw.dll - ok
00:36:04.0406 2772 [ 30DB64D316F502558DB2380F7343C9FD ] C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
00:36:04.0406 2772 C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL - ok
00:36:04.0406 2772 [ 207204AF80505AF51271FE164B56F662 ] C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll
00:36:04.0406 2772 C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll - ok
00:36:04.0421 2772 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll
00:36:04.0421 2772 C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll - ok
00:36:04.0421 2772 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
00:36:04.0421 2772 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
00:36:04.0421 2772 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
00:36:04.0421 2772 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
00:36:04.0421 2772 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
00:36:04.0421 2772 C:\WINDOWS\system32\desk.cpl - ok
00:36:04.0421 2772 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
00:36:04.0421 2772 C:\WINDOWS\system32\themeui.dll - ok
00:36:04.0421 2772 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
00:36:04.0421 2772 C:\WINDOWS\system32\msxml3.dll - ok
00:36:04.0421 2772 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
00:36:04.0421 2772 C:\WINDOWS\system32\cmd.exe - ok
00:36:04.0421 2772 [ 480A97A55E986FA4733282D67737FAF8 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe
00:36:04.0421 2772 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe - ok
00:36:04.0421 2772 [ CE5BC065C74C0A49486664CF71E0CA0A ] C:\WINDOWS\system32\ieframe.dll
00:36:04.0421 2772 C:\WINDOWS\system32\ieframe.dll - ok
00:36:04.0421 2772 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
00:36:04.0421 2772 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
00:36:04.0421 2772 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\E2B05B2F-6D13-42A8-806F-CE51E15A787C.exe
00:36:04.0421 2772 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\E2B05B2F-6D13-42A8-806F-CE51E15A787C.exe - ok
00:36:04.0421 2772 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
00:36:04.0421 2772 C:\WINDOWS\system32\msutb.dll - ok
00:36:04.0421 2772 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
00:36:04.0421 2772 C:\WINDOWS\system32\msctf.dll - ok
00:36:04.0421 2772 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
00:36:04.0421 2772 C:\WINDOWS\system32\winhttp.dll - ok
00:36:04.0421 2772 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
00:36:04.0421 2772 C:\WINDOWS\system32\linkinfo.dll - ok
00:36:04.0421 2772 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
00:36:04.0421 2772 C:\WINDOWS\system32\ntshrui.dll - ok
00:36:04.0421 2772 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
00:36:04.0421 2772 C:\WINDOWS\system32\verclsid.exe - ok
00:36:04.0421 2772 [ A6D351093F75D16C574DB31CDF736153 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\obfaabiv.sys
00:36:04.0421 2772 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\obfaabiv.sys - ok
00:36:04.0421 2772 [ D6F934A361D7F0BE8271673988D4E7FD ] C:\WINDOWS\temp\62e26657
00:36:04.0421 2772 C:\WINDOWS\temp\62e26657 - ok
00:36:04.0421 2772 [ 9583183A032C85706B81B92A25C5B331 ] C:\WINDOWS\RTHDCPL.exe
00:36:04.0421 2772 C:\WINDOWS\RTHDCPL.exe - ok
00:36:04.0421 2772 [ 469690B9702F02AF087EA52B3B843202 ] C:\WINDOWS\SOUNDMAN.EXE
00:36:04.0421 2772 C:\WINDOWS\SOUNDMAN.EXE - ok
00:36:04.0421 2772 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
00:36:04.0421 2772 C:\WINDOWS\system32\netshell.dll - ok
00:36:04.0421 2772 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
00:36:04.0421 2772 C:\WINDOWS\system32\dot3dlg.dll - ok
00:36:04.0421 2772 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
00:36:04.0421 2772 C:\WINDOWS\system32\onex.dll - ok
00:36:04.0421 2772 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
00:36:04.0421 2772 C:\WINDOWS\system32\eappcfg.dll - ok
00:36:04.0421 2772 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
00:36:04.0421 2772 C:\WINDOWS\system32\eappprxy.dll - ok
00:36:04.0421 2772 [ 439231898C6FDC13996AE3D733D00FBA ] C:\WINDOWS\system32\CTHELPER.EXE
00:36:04.0421 2772 C:\WINDOWS\system32\CTHELPER.EXE - ok
00:36:04.0421 2772 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
00:36:04.0421 2772 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
00:36:04.0421 2772 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
00:36:04.0421 2772 C:\WINDOWS\system32\wbem\esscli.dll - ok
00:36:04.0421 2772 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
00:36:04.0421 2772 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
00:36:04.0421 2772 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
00:36:04.0421 2772 C:\WINDOWS\system32\wbem\fastprox.dll - ok
00:36:04.0421 2772 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
00:36:04.0421 2772 C:\WINDOWS\system32\hhctrl.ocx - ok
00:36:04.0421 2772 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
00:36:04.0421 2772 C:\WINDOWS\system32\mfc42.dll - ok
00:36:04.0421 2772 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
00:36:04.0421 2772 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
00:36:04.0437 2772 [ CFADDBB43BA973F8D15D7D2E50C63476 ] C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\n
00:36:04.0437 2772 C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\n - ok
00:36:04.0437 2772 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
00:36:04.0437 2772 C:\WINDOWS\system32\netman.dll - ok
00:36:04.0437 2772 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
00:36:04.0437 2772 C:\WINDOWS\system32\webcheck.dll - ok
00:36:04.0437 2772 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\09867163.sys
00:36:04.0437 2772 C:\WINDOWS\system32\drivers\09867163.sys - ok
00:36:04.0437 2772 [ 897C26D149F4750FAF8666727DD5DD0A ] C:\WINDOWS\ALCWZRD.EXE
00:36:04.0437 2772 C:\WINDOWS\ALCWZRD.EXE - ok
00:36:04.0437 2772 [ CFADDBB43BA973F8D15D7D2E50C63476 ] C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n
00:36:04.0437 2772 C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n - ok
00:36:04.0437 2772 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
00:36:04.0437 2772 C:\WINDOWS\system32\stobject.dll - ok
00:36:04.0437 2772 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
00:36:04.0437 2772 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
00:36:04.0437 2772 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
00:36:04.0437 2772 C:\WINDOWS\system32\dsound.dll - ok
00:36:04.0437 2772 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
00:36:04.0437 2772 C:\WINDOWS\system32\batmeter.dll - ok
00:36:04.0437 2772 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
00:36:04.0437 2772 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
00:36:04.0437 2772 [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
00:36:04.0437 2772 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
00:36:04.0437 2772 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
00:36:04.0437 2772 C:\WINDOWS\system32\sensapi.dll - ok
00:36:04.0437 2772 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
00:36:04.0437 2772 C:\WINDOWS\system32\wbem\wbemess.dll - ok
00:36:04.0437 2772 [ 310F1E8A0781887BA1C217448C0E4D48 ] C:\WINDOWS\SMINST\Recguard.exe
00:36:04.0437 2772 C:\WINDOWS\SMINST\Recguard.exe - ok
00:36:04.0437 2772 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
00:36:04.0437 2772 C:\WINDOWS\system32\upnp.dll - ok
00:36:04.0437 2772 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
00:36:04.0437 2772 C:\WINDOWS\system32\imapi.exe - ok
00:36:04.0437 2772 [ 25CF0DAE6043D8167B813ED7CDE5C76E ] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe
00:36:04.0437 2772 C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe - ok
00:36:04.0437 2772 [ F3602B83B2312450C7036F7419F39618 ] C:\WINDOWS\system32\CTDCIFCE.DLL
00:36:04.0437 2772 C:\WINDOWS\system32\CTDCIFCE.DLL - ok
00:36:04.0437 2772 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
00:36:04.0437 2772 C:\WINDOWS\system32\mydocs.dll - ok
00:36:04.0437 2772 [ D77E83743B07121B1D3941FD80375662 ] C:\WINDOWS\system32\SiSPower.dll
00:36:04.0437 2772 C:\WINDOWS\system32\SiSPower.dll - ok
00:36:04.0437 2772 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
00:36:04.0437 2772 C:\WINDOWS\system32\ssdpapi.dll - ok
00:36:04.0437 2772 [ C1254C0B3641A3B3D8A5306AF9AE0638 ] C:\WINDOWS\system32\CTDC0001.DLL
00:36:04.0437 2772 C:\WINDOWS\system32\CTDC0001.DLL - ok
00:36:04.0437 2772 [ 9819C4F68686E9FE1D62DD0D4767DDD5 ] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
00:36:04.0437 2772 C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe - ok
00:36:04.0437 2772 [ E8B5BE3B1298E6C55F984105176A5DDB ] C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
00:36:04.0437 2772 C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll - ok
00:36:04.0437 2772 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
00:36:04.0437 2772 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
00:36:04.0437 2772 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
00:36:04.0437 2772 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
00:36:04.0437 2772 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
00:36:04.0437 2772 C:\WINDOWS\system32\oledlg.dll - ok
00:36:04.0437 2772 [ 064B932A02A18A8E223CBD925EF5314C ] C:\WINDOWS\system32\CTOSUSER.DLL
00:36:04.0437 2772 C:\WINDOWS\system32\CTOSUSER.DLL - ok
00:36:04.0437 2772 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
00:36:04.0437 2772 C:\WINDOWS\system32\drivers\http.sys - ok
00:36:04.0437 2772 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
00:36:04.0437 2772 C:\WINDOWS\system32\olepro32.dll - ok
00:36:04.0437 2772 [ 54ED1955EDB126599E3814B6E251BCA6 ] C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\80000000.@
00:36:04.0437 2772 C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\80000000.@ - ok
00:36:04.0453 2772 [ 79D4D68D6BDD2A704B088CE06B88DD1F ] C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll
00:36:04.0453 2772 C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll - ok
00:36:04.0453 2772 [ 2DDB0DBBC15C7B4F586E4F9DAEB3ADBD ] C:\WINDOWS\system32\CTDPROXY.DLL
00:36:04.0453 2772 C:\WINDOWS\system32\CTDPROXY.DLL - ok
00:36:04.0453 2772 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
00:36:04.0453 2772 C:\WINDOWS\system32\ssdpsrv.dll - ok
00:36:04.0453 2772 [ 6E71F4274113197AD75262AF24FB1B09 ] C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\000000cb.@
00:36:04.0453 2772 C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\000000cb.@ - ok
00:36:04.0453 2772 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
00:36:04.0453 2772 C:\WINDOWS\system32\netcfgx.dll - ok
00:36:04.0453 2772 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
00:36:04.0453 2772 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
00:36:04.0453 2772 [ 8AFF0CD008DF536D4FFCB742F286AD3B ] C:\WINDOWS\assembly\GAC\Desktop.ini
00:36:04.0453 2772 C:\WINDOWS\assembly\GAC\Desktop.ini - ok
00:36:04.0453 2772 [ 8015AC26718BFAC14B6DBFD2BE531C57 ] C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\80000032.@
00:36:04.0453 2772 C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\80000032.@ - ok
00:36:04.0453 2772 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
00:36:04.0453 2772 C:\WINDOWS\system32\cabinet.dll - ok
00:36:04.0453 2772 [ FE2EB24E6BD36B8BE3869ECE85AA72BC ] C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\00000004.@
00:36:04.0453 2772 C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\00000004.@ - ok
00:36:04.0453 2772 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
00:36:04.0453 2772 C:\WINDOWS\system32\httpapi.dll - ok
00:36:04.0453 2772 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
00:36:04.0453 2772 C:\WINDOWS\system32\rasmans.dll - ok
00:36:04.0453 2772 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
00:36:04.0453 2772 C:\WINDOWS\system32\w3ssl.dll - ok
00:36:04.0453 2772 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
00:36:04.0453 2772 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
00:36:04.0453 2772 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
00:36:04.0453 2772 C:\WINDOWS\system32\strmfilt.dll - ok
00:36:04.0453 2772 [ 75563FF603C40F0A5486750E0C486CC2 ] C:\Program Files\Nokia\Nokia PC Suite 7\PCSL.dll
00:36:04.0453 2772 C:\Program Files\Nokia\Nokia PC Suite 7\PCSL.dll - ok
00:36:04.0453 2772 [ 73DD6940DCCB252489CE5C4EF8CDA075 ] C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.NLR
00:36:04.0453 2772 C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.NLR - ok
00:36:04.0453 2772 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
00:36:04.0453 2772 C:\WINDOWS\system32\rastapi.dll - ok
00:36:04.0453 2772 [ F2699D792A0D3079E9B2EE7F6F7C62AF ] C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR
00:36:04.0453 2772 C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR - ok
00:36:04.0453 2772 [ 4A95F15B706B8FD9EC8715B6401EAB7B ] C:\hp\KBD\kbd.exe
00:36:04.0453 2772 C:\hp\KBD\kbd.exe - ok
00:36:04.0453 2772 [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
00:36:04.0453 2772 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
00:36:04.0453 2772 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
00:36:04.0453 2772 C:\WINDOWS\system32\rasppp.dll - ok
00:36:04.0453 2772 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
00:36:04.0453 2772 C:\WINDOWS\system32\ntlsapi.dll - ok
00:36:04.0453 2772 [ A687C458B80C7D55CBE39649D952ED2A ] C:\WINDOWS\system32\PortableDeviceTypes.dll
00:36:04.0453 2772 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
00:36:04.0453 2772 [ F68A3F0D63BE926ED65ED1C8C5B03A3D ] C:\hp\KBD\LED.DLL
00:36:04.0453 2772 C:\hp\KBD\LED.DLL - ok
00:36:04.0453 2772 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
00:36:04.0453 2772 C:\WINDOWS\system32\rasqec.dll - ok
00:36:04.0453 2772 [ 51AD048199C49AA40FF318235D2B08CA ] C:\hp\KBD\USB.DLL
00:36:04.0453 2772 C:\hp\KBD\USB.DLL - ok
00:36:04.0453 2772 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
00:36:04.0453 2772 C:\WINDOWS\system32\wbem\ncprov.dll - ok
00:36:04.0453 2772 [ D00FEBB84F3CE9CF310340D15EEE8EA1 ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
00:36:04.0453 2772 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok
00:36:04.0453 2772 [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\PortableDeviceApi.dll
00:36:04.0453 2772 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
00:36:04.0453 2772 [ 94F6FEC3F5C5532F264FFE05709DE767 ] C:\hp\KBD\PS2.DLL
00:36:04.0453 2772 C:\hp\KBD\PS2.DLL - ok
00:36:04.0468 2772 [ FE528A46F46602F1BB8F4F216C39C357 ] C:\hp\KBD\MSG.DLL
00:36:04.0468 2772 C:\hp\KBD\MSG.DLL - ok
00:36:04.0468 2772 [ 2E4933748178F6D7BD09BA5F38FE044E ] C:\hp\KBD\OSD.DLL
00:36:04.0468 2772 C:\hp\KBD\OSD.DLL - ok
00:36:04.0468 2772 [ 3C73C6447195D2006802F4FF452496A7 ] C:\hp\KBD\SCT.DLL
00:36:04.0468 2772 C:\hp\KBD\SCT.DLL - ok
00:36:04.0468 2772 [ AB529AB0BFD476644A6DB2357C98D1D5 ] C:\hp\KBD\ONL.DLL
00:36:04.0468 2772 C:\hp\KBD\ONL.DLL - ok
00:36:04.0468 2772 [ 7DAD1668B146685818C5504791FD15BC ] C:\hp\KBD\AOL.DLL
00:36:04.0468 2772 C:\hp\KBD\AOL.DLL - ok
00:36:04.0468 2772 [ 0E280A4A6805A752F30F2981D6C4603C ] C:\hp\KBD\URL.DLL
00:36:04.0468 2772 C:\hp\KBD\URL.DLL - ok
00:36:04.0468 2772 [ 7EFEAE0CF20BA66E053A850DAD34D3A8 ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
00:36:04.0468 2772 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok
00:36:04.0468 2772 [ 8BBBADA96FFE1449EDD39256EDA99CD8 ] C:\WINDOWS\system32\igfxtray.exe
00:36:04.0468 2772 C:\WINDOWS\system32\igfxtray.exe - ok
00:36:04.0468 2772 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
00:36:04.0468 2772 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
00:36:04.0468 2772 [ 261E5E3602941656A1442B255C936B9E ] C:\hp\KBD\CFG.DLL
00:36:04.0468 2772 C:\hp\KBD\CFG.DLL - ok
00:36:04.0468 2772 [ 06A1ECB63DF139EC639E084D4AB3C9D7 ] C:\WINDOWS\system\hpsysdrv.exe
00:36:04.0468 2772 C:\WINDOWS\system\hpsysdrv.exe - ok
00:36:04.0468 2772 [ 60DB5561F7B646FA217E9EA6561E6705 ] C:\hp\KBD\MSIKBDIF.DLL
00:36:04.0468 2772 C:\hp\KBD\MSIKBDIF.DLL - ok
00:36:04.0468 2772 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
00:36:04.0468 2772 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
00:36:04.0468 2772 [ 585992D78B671AAA075C02241309795D ] C:\WINDOWS\system32\msvcirt.dll
00:36:04.0468 2772 C:\WINDOWS\system32\msvcirt.dll - ok
00:36:04.0468 2772 [ 480A97A55E986FA4733282D67737FAF8 ] C:\Documents and Settings\Compaq_Owner\ytyucuYT
00:36:04.0468 2772 C:\Documents and Settings\Compaq_Owner\ytyucuYT - ok
00:36:04.0468 2772 [ E7BE65BF79906AEBC698E077D53F6A1C ] C:\WINDOWS\AGRSMMSG.exe
00:36:04.0468 2772 C:\WINDOWS\AGRSMMSG.exe - ok
00:36:04.0468 2772 [ 5B120AC95451AF137981C1BC13978806 ] C:\WINDOWS\system32\hccutils.dll
00:36:04.0468 2772 C:\WINDOWS\system32\hccutils.dll - ok
00:36:04.0468 2772 [ 707C0C5D9BE7163182227470E9CD3C9A ] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
00:36:04.0468 2772 C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe - ok
00:36:04.0468 2772 [ 0617536C5EDAF36F301BD2B04C05E30F ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll
00:36:04.0468 2772 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok
00:36:04.0468 2772 [ 62CE6A1F613BD445459D592FDE4AFE14 ] C:\WINDOWS\system32\nwiz.exe
00:36:04.0468 2772 C:\WINDOWS\system32\nwiz.exe - ok
00:36:04.0468 2772 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
00:36:04.0468 2772 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
00:36:04.0468 2772 [ 974237F7893AC957258B176D128D7FB7 ] C:\Program Files\QuickTime\QTTask.exe
00:36:04.0468 2772 C:\Program Files\QuickTime\QTTask.exe - ok
00:36:04.0468 2772 [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe
00:36:04.0468 2772 C:\WINDOWS\system32\dumprep.exe - ok
00:36:04.0468 2772 [ 4E03322DB729B41AF2C362300DD5576E ] C:\WINDOWS\system32\nvmctray.dll
00:36:04.0468 2772 C:\WINDOWS\system32\nvmctray.dll - ok
00:36:04.0468 2772 [ F34E7705751BB413283434697BF8E55D ] C:\Program Files\DAEMON Tools Lite\DTLite.exe
00:36:04.0468 2772 C:\Program Files\DAEMON Tools Lite\DTLite.exe - ok
00:36:04.0468 2772 [ 48F8A82001B13193B38FB00179C927D0 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
00:36:04.0468 2772 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok
00:36:04.0468 2772 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
00:36:04.0468 2772 C:\WINDOWS\system32\rasdlg.dll - ok
00:36:04.0468 2772 [ C7144387E236687F8FB3F26FC845A822 ] C:\Program Files\Pando Networks\Media Booster\PMB.exe
00:36:04.0468 2772 C:\Program Files\Pando Networks\Media Booster\PMB.exe - ok
00:36:04.0468 2772 [ 9385BD61B365DE7CF9AF3290B7D5A3B9 ] C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll
00:36:04.0468 2772 C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll - ok
00:36:04.0468 2772 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
00:36:04.0468 2772 C:\WINDOWS\system32\ctfmon.exe - ok
00:36:04.0468 2772 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
00:36:04.0468 2772 C:\WINDOWS\system32\mmcshext.dll - ok
00:36:04.0468 2772 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
00:36:04.0468 2772 C:\WINDOWS\system32\hhsetup.dll - ok
00:36:04.0468 2772 [ 75EF99EC95884BF97EE054F3B97898FC ] C:\WINDOWS\system32\nview.dll
00:36:04.0484 2772 C:\WINDOWS\system32\nview.dll - ok
00:36:04.0484 2772 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
00:36:04.0484 2772 C:\WINDOWS\system32\icmp.dll - ok
00:36:04.0484 2772 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
00:36:04.0484 2772 C:\WINDOWS\ime\sptip.dll - ok
00:36:04.0484 2772 [ 90A9B542C9300E540864D9FE1C42A130 ] C:\WINDOWS\system32\fxsst.dll
00:36:04.0484 2772 C:\WINDOWS\system32\fxsst.dll - ok
00:36:04.0484 2772 [ 8F1BEC962E5A6F572CD4ADD1CC916055 ] C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll
00:36:04.0484 2772 C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll - ok
00:36:04.0484 2772 [ 480A97A55E986FA4733282D67737FAF8 ] C:\WINDOWS\system32\ytyucuYT
00:36:04.0484 2772 C:\WINDOWS\system32\ytyucuYT - ok
00:36:04.0484 2772 [ 4C5E139FAB02BEE58EDC88E1512110FB ] C:\Program Files\Pando Networks\Media Booster\nspr4.dll
00:36:04.0484 2772 C:\Program Files\Pando Networks\Media Booster\nspr4.dll - ok
00:36:04.0484 2772 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
00:36:04.0484 2772 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll - ok
00:36:04.0484 2772 [ A919B6966EAD441E2C4D39112C427A4F ] C:\Program Files\Belkin\F5D8055\v2\PCARmDrv.exe
00:36:04.0484 2772 C:\Program Files\Belkin\F5D8055\v2\PCARmDrv.exe - ok
00:36:04.0484 2772 [ 65A9495A436F5402BC1C467E1B926C27 ] C:\WINDOWS\winhlp32.exe
00:36:04.0484 2772 C:\WINDOWS\winhlp32.exe - ok
00:36:04.0484 2772 ============================================================
00:36:04.0484 2772 Scan finished
00:36:04.0484 2772 ============================================================
00:36:04.0593 2716 Detected object count: 18
00:36:04.0593 2716 Actual detected object count: 18
00:36:34.0437 2716 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 ctac32k ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 ctac32k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 ctdvda2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 ctdvda2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 ctprxy2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 ctprxy2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 ctsfm2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 ctsfm2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 emupia ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 emupia ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 ha10kx2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 ha10kx2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 hap16v2k ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 hap16v2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 PCTWPASV ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 PCTWPASV ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 USBCM ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 USBCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0437 2716 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:36:34.0437 2716 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:36:34.0562 2716 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
00:36:34.0593 2716 \Device\Harddisk0\DR0\TDLFS\tdl - copied to quarantine
00:36:34.0640 2716 \Device\Harddisk0\DR0\TDLFS\rsrc.dat - copied to quarantine
00:36:34.0640 2716 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
00:36:34.0656 2716 \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
00:36:34.0656 2716 \Device\Harddisk0\DR0\TDLFS - deleted
00:36:34.0656 2716 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

-----------------------------------------------------------------------------------------------------------------------------------

What do I do with the RogueKiller quarantine folder formed on my desktop?

RKreport[1]

RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Compaq_Owner [Admin rights]
Mode : Scan -- Date : 10/26/2012 00:47:26

¤¤¤ Bad processes : 3 ¤¤¤
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 16 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : HphSwemj (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-4084055621-2455302966-1550939352-1007[...]\Run : HphSwemj (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) -> FOUND
[SHELL][SUSP PATH] HKLM\[...]\Winlogon : Userinit (c:\windows\system32\userinit.exe,,C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{5E80B4AE-DD94-4845-A6AC-4BB27958EABB} : NameServer (93.188.162.74,93.188.161.7) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{6110B636-E929-44CD-8FDE-C2EE284CDE3A} : NameServer (93.188.162.74,93.188.161.7) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{C4C88BE3-1502-4FE3-8491-AD92F2A54658} : NameServer (93.188.162.74,93.188.161.7) -> FOUND
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n.) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] Desktop.ini : C:\WINDOWS\Assembly\GAC\Desktop.ini --> FOUND
[ZeroAccess][FILE] n : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n --> FOUND
[ZeroAccess][FILE] n : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\n --> FOUND
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\@ --> FOUND
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U --> FOUND
[ZeroAccess][FOLDER] U : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\U --> FOUND
[ZeroAccess][FOLDER] L : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\L --> FOUND
[ZeroAccess][FOLDER] L : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\L --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (\??\C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys @ 0xB4F6B6AC)
SSDT[119] : NtOpenKey @ 0x806253B4 -> HOOKED (\??\C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys @ 0xB4F6B562)
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_POWER] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_PNP] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[DriverStartIo] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DFF864)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500JD-00HBB0 +++++
--- User ---
[MBR] 11a3a19f6befc30fe14e79fa9639907b
[BSP] 7102de2751ff5596f66982e85a1fe054 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 4038 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8270640 | Size: 234426 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

------------------------------------------------------

RKreport[2]

RogueKiller V8.2.0 [10/22/2012] by Tigzy

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Compaq_Owner [Admin rights]
Mode : Remove -- Date : 10/26/2012 00:47:58

¤¤¤ Bad processes : 3 ¤¤¤
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : HphSwemj (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) -> DELETED
[SHELL][SUSP PATH] HKLM\[...]\Winlogon : Userinit (c:\windows\system32\userinit.exe,,C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) -> REPLACED (C:\WINDOWS\system32\userinit.exe,)
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{5E80B4AE-DD94-4845-A6AC-4BB27958EABB} : NameServer (93.188.162.74,93.188.161.7) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{6110B636-E929-44CD-8FDE-C2EE284CDE3A} : NameServer (93.188.162.74,93.188.161.7) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{C4C88BE3-1502-4FE3-8491-AD92F2A54658} : NameServer (93.188.162.74,93.188.161.7) -> NOT REMOVED, USE DNSFIX
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\n.) -> REPLACED (C:\WINDOWS\system32\shell32.dll)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n.) -> REPLACED (C:\WINDOWS\system32\wbem\fastprox.dll)

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] Desktop.ini : C:\WINDOWS\Assembly\GAC\Desktop.ini --> REMOVED AT REBOOT
[ZeroAccess][FILE] n : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n --> REMOVED AT REBOOT
[ZeroAccess][FILE] n : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\n --> REMOVED AT REBOOT
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\@ --> REMOVED AT REBOOT
[ZeroAccess][FILE] @ : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\@ --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\00000004.@ --> REMOVED
[Del.Parent][FILE] 00000008.@ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\00000008.@ --> REMOVED
[Del.Parent][FILE] 000000cb.@ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\000000cb.@ --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\80000000.@ --> REMOVED
[Del.Parent][FILE] 80000032.@ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U\80000032.@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\L\00000004.@ --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\L\201d3dde --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\L --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\RECYCLER\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\L --> REMOVED

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[41] : NtCreateKey @ 0x80623FD6 -> HOOKED (\??\C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys @ 0xB4F6B6AC)
SSDT[119] : NtOpenKey @ 0x806253B4 -> HOOKED (\??\C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys @ 0xB4F6B562)
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_POWER] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[IRP_MJ_PNP] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9E01B40)
IRP[DriverStartIo] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xB9DFF864)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500JD-00HBB0 +++++
--- User ---
[MBR] 11a3a19f6befc30fe14e79fa9639907b
[BSP] 7102de2751ff5596f66982e85a1fe054 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 4038 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 8270640 | Size: 234426 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

----------------------------------------------------

RKreport[3]

RogueKiller V8.2.0 [10/22/2012] by Tigzy

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Compaq_Owner [Admin rights]
Mode : Shortcuts HJfix -- Date : 10/26/2012 00:55:05

¤¤¤ Bad processes : 2 ¤¤¤
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 53 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 24 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 204 / Fail 0
My documents: Success 247 / Fail 247
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 313 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\CdRom1 -- 0x5 --> Skipped
[G:] \Device\Harddisk1\DP(1)0-0+7 -- 0x2 --> Restored
[H:] \Device\Harddisk2\DP(1)0-0+8 -- 0x2 --> Restored
[I:] \Device\Harddisk3\DP(1)0-0+9 -- 0x2 --> Restored
[J:] \Device\Harddisk4\DP(1)0-0+a -- 0x2 --> Restored
[K:] \Device\CdRom3 -- 0x5 --> Skipped
[L:] \Device\CdRom2 -- 0x5 --> Skipped

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

--------------------------------------------------------------------

OTLFixLog

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service Micorsoft Windows Service stopped successfully!
Service\Driver key Micorsoft Windows Service not found.
File C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys not found.
Error: No service named ahru8icz was found to stop!
Service\Driver key ahru8icz not found.
Error: No service named afydi3mo was found to stop!
Service\Driver key afydi3mo not found.
Registry value HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Run\\HphSwemj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Compaq_Owner\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Compaq_Owner\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Alex
->Temp folder emptied: 134890 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Compaq_Owner
->Temp folder emptied: 148956802 bytes
->Temporary Internet Files folder emptied: 1659528 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 217820088 bytes
->Flash cache emptied: 19361 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 1763908110 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 19682 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33447396 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 3808 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3829540 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 600 bytes

Total Files Cleaned = 2,069.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10262012_010326

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_1a0.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

----------------------------------------------------------------------------------------------

OTL QuickScan

OTL logfile created on: 26/10/2012 01:10:47 - Run 16
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 80.31% Memory free
4.84 Gb Paging File | 0.45 Gb Available in Paging File | 9.26% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.93 Gb Total Space | 85.68 Gb Free Space | 37.43% Space Free | Partition Type: NTFS
Drive D: | 3.94 Gb Total Space | 0.99 Gb Free Space | 25.05% Space Free | Partition Type: FAT32

Computer Name: SILVER-LIGHTNIN | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/22 11:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2012/10/14 08:39:06 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/07/03 03:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/04/08 10:34:06 | 001,662,976 | ---- | M] (Belkin) -- C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
PRC - [2008/04/14 01:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/29 02:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 01:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe
PRC - [2003/09/04 11:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/14 08:39:06 | 002,294,240 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/03 03:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2008/10/23 20:25:34 | 000,188,416 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll
MOD - [2006/02/24 12:40:56 | 000,061,440 | ---- | M] () -- C:\Program Files\Belkin\F5D8055\v2\BelkinHWStatus.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/14 08:39:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/04 10:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/09/27 20:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/08/07 12:17:30 | 000,677,888 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2004/01/30 14:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) [Auto | Running] -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe -- (PCTWPASV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20040813.178\symidsco.sys -- (SYMIDSCO)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Safe Returner\RegKernelHelp.sys -- (RegKernelHelp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Running] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys -- (Micorsoft Windows Service)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\el90xbc5.sys -- (EL90XBC)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (az3l62rr)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (at9o0ypl)
DRV - [2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/02 07:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 07:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 07:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/01/04 14:58:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/04 00:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/01/21 08:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/09/26 10:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 10:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 10:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 10:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/06/06 10:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 08:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 08:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 08:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/01/25 17:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 23:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 11:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/07/29 21:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/06/10 19:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm1K.sys -- (USBCM)
DRV - [2004/01/29 23:29:04 | 000,350,282 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTELSAP.SYS -- (PRISM_A00)
DRV - [2004/01/15 13:15:06 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2003/11/13 19:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003/11/13 19:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003/11/13 19:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003/11/13 18:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003/11/13 18:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003/11/13 18:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HA10KX2K.SYS -- (ha10kx2k)
DRV - [2003/11/12 21:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTDVDA2K.SYS -- (ctdvda2k)
DRV - [2003/09/19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/04 11:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920)
DRV - [2003/07/18 17:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/10/04 18:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 23:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 13:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 82 4B 6E 8F 86 CD 01 [binary data]
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{A344D54B-1871-43A7-8EC5-E567C418D4C8}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.soa-clan.info/forum/"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledAddons: [email protected]:0.801
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 23:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/14 08:39:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/25 19:34:03 | 000,000,000 | ---D | M]

[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/02/11 18:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/23 18:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions
[2009/05/03 16:33:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/06/27 21:04:08 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/04/03 13:24:58 | 000,004,234 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/10/18 14:26:19 | 000,239,323 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/07/26 18:01:55 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/14 08:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/14 08:39:07 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/10/14 08:39:03 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/14 08:39:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 08:39:03 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/14 08:39:03 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 08:39:03 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/10/14 08:39:03 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/12/26 02:29:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [HphSwemj] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - mswsock.dll File not found
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293940326812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231289923359 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F5F5DF-B133-4572-8941-3304DFB16406}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe) - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 09:35:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | --S- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/26 00:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\RK_Quarantine
[2012/10/26 00:36:34 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/10/23 23:29:21 | 004,722,680 | ---- | C] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2012/10/23 23:20:24 | 000,694,323 | ---- | C] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\FSS.exe
[2012/10/23 23:00:14 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
[2012/10/22 11:45:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/20 21:08:09 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:39:04 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 20:29:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/20 20:29:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/10/20 20:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/10/14 17:47:56 | 000,000,000 | ---D | C] -- C:\Utopia
[2012/10/14 08:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2012/10/26 01:10:16 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\SweetHorse.scr
[2012/10/26 01:08:12 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/10/26 01:08:03 | 000,100,144 | -H-- | M] () -- C:\WINDOWS\System32\ytyucuYT
[2012/10/26 01:08:02 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/10/26 01:08:01 | 000,100,144 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\ytyucuYT
[2012/10/26 01:07:07 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/26 01:06:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/26 01:06:56 | 3220,557,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/26 00:57:00 | 000,100,144 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\UN4Qzhb
[2012/10/26 00:48:30 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/10/26 00:43:32 | 001,682,432 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe
[2012/10/26 00:36:06 | 000,014,378 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ddrgdrgdg.JPG
[2012/10/26 00:32:29 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\FistBanging.scr
[2012/10/25 22:16:08 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ytyucuYT
[2012/10/24 10:34:32 | 000,100,144 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PunishedHousewife.scr
[2012/10/23 23:32:38 | 004,722,680 | ---- | M] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2012/10/23 23:18:12 | 000,694,323 | ---- | M] (Farbar) -- C:\Documents and Settings\Compaq_Owner\Desktop\FSS.exe
[2012/10/23 22:59:42 | 000,609,880 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\cbsidlm-tr1_7-Combofix-ORG2-75221073.exe
[2012/10/22 13:11:24 | 000,188,416 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/22 11:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/10/20 21:09:19 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/10/20 21:09:16 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/20 21:08:23 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Compaq_Owner\Desktop\mbam-setup-1.65.1.1000.exe
[2012/10/20 20:38:36 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2012/10/20 20:24:35 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HiJackThis.lnk
[2012/10/20 16:26:53 | 000,511,978 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/20 16:26:52 | 000,091,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/16 11:07:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/10/14 22:52:20 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Labtec WebCam.lnk
[2012/10/14 17:48:01 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/06 13:14:57 | 001,597,734 | -H-- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/28 15:18:35 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

========== Files Created - No Company Name ==========

[2012/10/26 00:43:30 | 001,682,432 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe
[2012/10/26 00:33:28 | 000,014,378 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ddrgdrgdg.JPG
[2012/10/25 19:36:38 | 000,100,144 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\UN4Qzhb
[2012/10/25 17:59:23 | 000,100,144 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\ytyucuYT
[2012/10/25 01:43:13 | 000,100,144 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ytyucuYT
[2012/10/25 01:18:45 | 000,100,144 | -H-- | C] () -- C:\WINDOWS\System32\ytyucuYT
[2012/10/23 22:59:39 | 000,609,880 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\cbsidlm-tr1_7-Combofix-ORG2-75221073.exe
[2012/10/20 20:31:14 | 3220,557,824 | -HS- | C] () -- C:\hiberfil.sys
[2012/10/20 20:29:38 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/14 17:48:01 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Utopia Angel.lnk
[2012/10/06 13:14:57 | 001,597,734 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\untitled54.bmp
[2012/08/22 20:39:59 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_cl_runescape_LIVE.dat
[2012/07/06 01:47:14 | 000,000,976 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/09/15 03:25:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/26 18:43:55 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Gangsters2Setup.lnk
[2011/01/02 07:13:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/02 06:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/01/02 06:31:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/01/02 06:31:22 | 000,005,116 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/01/02 06:31:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT2870.bin
[2010/12/31 12:33:13 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/12/31 07:57:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/12/31 05:18:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/31 05:14:52 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Hp.ini
[2010/12/31 05:14:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/12/28 11:01:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/28 11:01:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/28 11:01:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/28 11:01:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/28 11:01:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/27 02:18:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/27 02:18:42 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/27 02:18:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/24 00:37:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/09/07 06:18:13 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss
[2009/06/05 05:29:51 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences.dat
[2009/01/17 09:23:28 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/13 13:44:01 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys
[2009/01/06 23:08:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2012/10/25 21:10:24 | 000,002,048 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\@
[2012/10/25 21:10:24 | 000,028,672 | ---- | M] () -- C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\n
[2012/10/26 00:47:56 | 000,000,000 | ---D | M] -- C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b\U
[2012/10/25 21:10:24 | 000,028,672 | ---- | M] () -- C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b\n
[2004/01/01 09:53:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[2012/10/26 00:31:45 | 000,005,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = C:\WINDOWS\system32\shell32.dll -- [2012/06/08 15:26:20 | 008,462,848 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/11/01 21:35:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2009/09/09 17:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\BitTorrent
[2009/06/15 15:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools
[2009/06/15 15:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Lite
[2009/06/15 15:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Pro
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Intervideo
[2010/07/02 15:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Nokia
[2010/07/02 15:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\PC Suite
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\SampleView
[2011/07/17 13:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Sports Interactive
[2009/03/29 15:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\The Creative Assembly
[2012/08/30 10:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\USMA
[2012/04/02 04:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/04 14:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/09 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/01/07 01:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/02 01:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/03/14 18:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/02 15:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/10/26 00:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/12/19 19:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeReturner
[2011/01/04 15:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/01/07 01:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/07/08 04:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2011/01/04 15:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/01/07 17:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2012/07/23 19:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DDMSettings
[2009/06/25 00:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/02 06:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2009/01/08 02:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/04/23 21:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2011/07/03 12:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolClient
[2012/06/27 14:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolMatches Client
[2009/01/07 01:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2009/01/07 01:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2012/09/04 14:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QuickScan
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2012/04/04 17:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SoftChalk
[2011/04/16 19:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sports Interactive
[2009/06/25 19:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer
[2009/03/23 18:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\The Creative Assembly
[2011/08/21 10:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TS3Client
[2009/01/10 07:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ubisoft
[2012/08/28 23:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\USMA
[2004/01/02 01:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/02 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

========== Purity Check ==========



< End of report >

----------------------------------------------------------------------------------------------


Combo fix did the same as before. It opened and ran for about 1 second and then closed. Thanks for the help yet again.

Edited by younggeeza, 25 October 2012 - 06:24 PM.


#11
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Rename ComboFix to Nedklaw.exe and then try to run it.

#12
younggeeza

    Member

  • Topic Starter
  • Member
  • 112 posts
That got it to run. I've noticed hidden files called ytyucuYT forming in many places on my PC. Also, still getting the virtual memory minimum too low message along with the kernel message from DAEMON Tools. In addition, my page file usage in Task Manager is pretty much maximum, but I don't know if that's normal or not.

ComboFix 12-10-25.02 - Compaq_Owner 26/10/2012 5:51.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.3071.2359 [GMT 1:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\Nedklaw.exe.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Alex\Local Settings\Application Data\bsbybbtu.log
c:\documents and settings\Alex\Local Settings\Application Data\jjxylaod.log
c:\documents and settings\Alex\Local Settings\Application Data\kjnojkrt.log
c:\documents and settings\Alex\Local Settings\Application Data\ncoguvxx.log
c:\documents and settings\Alex\Local Settings\Application Data\tyyliydr.log
c:\documents and settings\Alex\Local Settings\Application Data\ulrmjsst.log
c:\documents and settings\Alex\Local Settings\Application Data\weljvrww.log
c:\documents and settings\Alex\Local Settings\Application Data\yvcwfauj.log
c:\documents and settings\Compaq_Owner\1CeYHfG
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{54737D60-2ACD-4881-8B76-5C5A7E76F5F1}
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{54737D60-2ACD-4881-8B76-5C5A7E76F5F1}\chrome\content\_cfg.js
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{54737D60-2ACD-4881-8B76-5C5A7E76F5F1}\chrome\content\c.js
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{54737D60-2ACD-4881-8B76-5C5A7E76F5F1}\chrome\content\overlay.xul
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{54737D60-2ACD-4881-8B76-5C5A7E76F5F1}\install.rdf
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\bsbybbtu.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\istlpdhg.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\jjxylaod.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\kjnojkrt.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\ncoguvxx.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\tyyliydr.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\ulrmjsst.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\weljvrww.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yvcwfauj.log
c:\documents and settings\Compaq_Owner\UN4Qzhb
c:\documents and settings\Compaq_Owner\ytyucuYT
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MICORSOFT_WINDOWS_SERVICE
-------\Legacy_NVSVC
-------\Service_Micorsoft Windows Service
-------\Service_NVSvc
.
.
((((((((((((((((((((((((( Files Created from 2012-09-26 to 2012-10-26 )))))))))))))))))))))))))))))))
.
.
2012-10-26 04:36 . 2012-10-26 05:02 100144 ---ha-w- c:\windows\system32\ytyucuYT
2012-10-25 23:36 . 2012-10-25 23:36 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-20 19:39 . 2012-10-20 20:09 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-20 19:29 . 2012-10-20 20:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-20 19:29 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-20 04:31 . 2012-10-26 05:02 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv
2012-10-14 16:47 . 2012-10-14 16:47 -------- d-----w- C:\Utopia
2012-10-09 16:35 . 2012-10-09 16:35 9575864 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 16:41 . 2012-06-27 20:19 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 16:41 . 2011-12-27 23:50 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-04 13:22 . 2012-09-04 13:22 388096 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-04 09:21 . 2012-09-04 09:22 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-04 09:21 . 2012-08-22 19:39 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-04 09:21 . 2009-03-18 15:03 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-04 09:21 . 2011-01-02 04:32 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-14 07:39 . 2012-10-14 07:38 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-07-03 3077528]
"HphSwemj"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe" [2012-10-26 100144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-12 14156800]
"SoundMan"="SOUNDMAN.EXE" [2004-07-29 77824]
"CTHelper"="CTHELPER.EXE" [2003-11-13 24576]
"AlcWzrd"="ALCWZRD.EXE" [2004-07-29 2551808]
"SiSPower"="SiSPower.dll" [2004-09-24 49152]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 184320]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 319488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"F5D8055v2"="c:\program files\Belkin\F5D8055\v2\Belkinwcui.exe" [2009-04-08 1662976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="nwiz.exe" [2009-01-15 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 516096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\Alex\Start Menu\Programs\Startup\
hphswemj.exe [2012-10-25 100144]
.
c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\
hphswemj.exe [2012-10-26 100144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevconDefaultDB]
c:\windows\READREG [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioReg]
2003-11-13 18:04 126976 ----a-w- c:\windows\system32\CTASIO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2011-01-02 02:30 323392 ----a-w- c:\program files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 13:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LolMatches Client]
2012-09-28 14:50 1292288 ----a-w- c:\program files\LolMatches Client\LolMatches Client.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --s---w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Webcam Recorder]
2008-03-17 09:06 253952 ----a-w- c:\program files\MSN Webcam Recorder\ml20gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2008-06-17 16:00 1351680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-01-15 07:19 13680640 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-01-15 07:19 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-01-15 07:19 1657376 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-10-02 07:00 1226240 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
2003-09-12 20:13 98304 ----a-w- c:\windows\system32\ps2.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 10:30 516096 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2009-01-07 00:46 122880 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
2003-06-20 19:13 49152 -c--a-w- c:\windows\MIDIDEF.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAP]
2004-02-17 10:19 638976 ----a-w- c:\program files\Arcadyan Wireless\NetCfgWizard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-08-31 12:35 1353080 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless SoftAP]
2004-02-17 10:20 770048 ----a-w- c:\program files\Arcadyan Wireless\Configuration\SoftAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [07/01/2009 06:33 691696]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [24/03/2012 20:16 12184]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [20/10/2012 21:09 399432]
R2 PCTWPASV;SoftAP WPA Authenticator Service;c:\program files\Arcadyan Wireless\pctwpasv.exe [30/01/2004 14:59 204800]
R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;c:\windows\system32\drivers\PCTELSAP.SYS [29/01/2004 23:29 350282]
R4 Micorsoft Windows Service;Micorsoft Windows Service;\??\c:\docume~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys --> c:\docume~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys [?]
S3 ADM8511;%ADM8511.Service.DispName%;c:\windows\system32\drivers\ADM8511.SYS [17/08/2001 13:11 20160]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20/10/2012 20:29 22856]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [20/10/2012 20:39 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [30/06/2012 18:37 115168]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 21:22 34064]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [07/01/2009 01:46 152576]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\Drivers\PROCEXP151.SYS --> c:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 RegKernelHelp;RegKernelHelp;\??\c:\program files\Safe Returner\RegKernelHelp.sys --> c:\program files\Safe Returner\RegKernelHelp.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MICORSOFT_WINDOWS_SERVICE
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.soa-clan.info/forum/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-09 16:36; [email protected]; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-12234215.sys
SafeBoot-51680347.sys
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-26 06:02
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008]
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs]
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players]
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\SecuROM\License information*]
"datasecu"=hex:7e,a9,52,34,a3,16,49,63,a4,6d,a8,f4,7f,76,57,ae,6c,ac,d1,9a,ee,
01,2e,b2,1b,51,64,2a,1e,48,b9,b4,a5,96,5b,74,e5,5f,b0,04,8d,5c,2a,fe,aa,e5,\
"rkeysecu"=hex:ea,b5,0e,05,8d,5f,99,06,e2,97,8c,9d,0d,82,c7,39
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):33,60,2a,b1,51,6b,d4,5f,e5,4a,bf,b4,30,bf,04,ca,00,00,0e,46,88,
93,21,ee,61,7f,7c,6f,31,4e,65,0a,2d,a3,ca,0e,e1,dd,bb,e6,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f3cbcafc-5054-4b83-9d95-5da5ccb83342}]
@Denied: (Full) (Everyone)
"Model"=dword:00000055
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1100)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(3844)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\savedump.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\System32\snmp.exe
c:\windows\SOUNDMAN.EXE
c:\windows\ALCWZRD.EXE
c:\windows\AGRSMMSG.exe
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Completion time: 2012-10-26 06:06:41 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-26 05:06
ComboFix2.txt 2010-12-28 10:16
.
Pre-Run: 98,765,701,120 bytes free
Post-Run: 98,740,895,744 bytes free
.
- - End Of File - - 47984506F802EB0FEAE765847192C5FF
  • 0

#13
younggeeza

Hi. I just checked my startup programs in msconfig and found this which looked like it might have something to do with the dodgy "ytyucuYT."

Startup item - hphswemj
Command - C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe

I tried turning this off but it's always there when I restart.

I then searched for hphswemj and found this HPHSWEMJ.EXE-1067D69D.pf in C:\WINDOWS\Prefetch.

Also, in C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data, there are multiple .txt files being created all 8 characters long.

Edited by younggeeza, 26 October 2012 - 07:19 PM.

  • 0

#14
Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
You can just leave the RK_Quarantine folder alone.


Step 1

  • Quit all programs.
  • Start RogueKiller.exe.
  • Note: If RogueKiller has been blocked, do not hesitate to try several times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.
  • Wait until the Prescan has finished.
  • Click on DNSFix.
  • Wait for the end of the scan.
  • The report has been created on the desktop.

Step 2

1. Close any open browsers.

2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

File:: 
C:\WINDOWS\System32\ytyucuYT
C:\Documents and Settings\Compaq_Owner\ytyucuYT
C:\Documents and Settings\Compaq_Owner\UN4Qzhb
C:\Documents and Settings\Compaq_Owner\Desktop\ytyucuYT
C:\WINDOWS\assembly\GAC\Desktop.ini
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
c:\documents and settings\Alex\Start Menu\Programs\Startup\hphswemj.exe
c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\hphswemj.exe
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\obfaabiv.sys
C:\WINDOWS\Prefetch\HPHSWEMJ.EXE-1067D69D.pf
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\*.txt
 
Folder:: 
C:\RECYCLER\S-1-5-18\$364d55605115baf1d28d3f84fec5e12b
C:\recycler\S-1-5-21-4084055621-2455302966-1550939352-1007\$364d55605115baf1d28d3f84fec5e12b
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv
 
Registry:: 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HphSwemj"=-
"ytyucuYT"=-
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Run]
"HphSwemj"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,"
 
Driver::
az3l62rr
at9o0ypl
Micorsoft Windows Service


Save this as CFScript.txt, in the same location as ComboFix.exe.


Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe.

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Things I want to see in your next reply

  • RKreport.txt
  • ComboFix.txt

  • 0
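The Registry:: part of the script above removes a Run value that points into Local Settings\Application Data and resets Winlogon's Userinit to the stock entry. The Python sketch below is an added example, not part of the original posts and not ComboFix's own logic: it scans the "Reg Loading Points" section of a ComboFix-style log for those two conditions. The function names and path heuristics are assumptions, and the sample log is constructed from entries quoted in this thread.

```python
import re

# Constructed sample, shaped like the "Reg Loading Points" section of the
# ComboFix logs in this thread and trimmed to a few entries.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"HphSwemj"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe" [2012-10-28 100144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-07-29 77824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe"
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>[^"]*)"')

# Assumption: the system root is C:\WINDOWS, as the log header in this thread states.
EXPECTED_USERINIT = r'c:\windows\system32\userinit.exe'

# Heuristic (assumption): per-user directories any unprivileged process can
# write to are an unusual home for an autostart executable on Windows XP.
USER_WRITABLE_MARKERS = (
    '\\local settings\\application data\\',
    '\\local settings\\temp\\',
)


def parse_loading_points(log_text):
    """Yield (key, value_name, data) for each "name"="data" line under a [key] header."""
    key = None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = KEY_RE.match(line)
        if header:
            key = header.group('key').lower()
            continue
        value = VALUE_RE.match(line)
        if value and key:
            yield key, value.group('name'), value.group('data')


def in_user_writable_dir(path):
    """True if the path sits under one of the per-user writable directories."""
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE_MARKERS)


def userinit_extras(data):
    """Return every comma-separated Userinit entry other than the stock userinit.exe."""
    entries = [e.strip() for e in data.split(',') if e.strip()]
    return [e for e in entries if e.lower() != EXPECTED_USERINIT]


def triage(log_text):
    """Return findings as (rule, key, value_name, path) tuples for an analyst to review."""
    findings = []
    for key, name, data in parse_loading_points(log_text):
        if key.endswith(r'\currentversion\run') and in_user_writable_dir(data):
            findings.append(('run-from-profile', key, name, data))
        elif key.endswith(r'\currentversion\winlogon') and name.lower() == 'userinit':
            for extra in userinit_extras(data):
                findings.append(('userinit-extra', key, name, extra))
    return findings


if __name__ == '__main__':
    for rule, key, name, path in triage(SAMPLE_LOG):
        print(f'{rule}: [{key}] "{name}" -> {path}')
```

A finding is a prompt for review, not a verdict: legitimate software sometimes starts from a profile directory, so each hit still needs checking against what is installed on the machine.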

#15
younggeeza

Machine looks completely virus riddled huh. The hphswemj entry in msconfig is still there.

-------------------------------------------------------------------------------------------------------------------------------------

RKreport[1]


RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Website: http://tigzy.geeksto...roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Compaq_Owner [Admin rights]
Mode : DNSFix -- Date : 10/28/2012 03:15:38

¤¤¤ Bad processes : 4 ¤¤¤
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- C:\WINDOWS\system32\svchost.exe -> KILLED [TermProc]
[SUSP PATH] UiYTumK -- C:\Documents and Settings\Compaq_Owner\Desktop\UiYTumK -> KILLED [TermThr]
[SUSP PATH] yucnygos.exe -- C:\Documents and Settings\Compaq_Owner\Local Settings\temp\yucnygos.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{5E80B4AE-DD94-4845-A6AC-4BB27958EABB} : NameServer (93.188.162.74,93.188.161.7) -> REPLACED ()
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{6110B636-E929-44CD-8FDE-C2EE284CDE3A} : NameServer (93.188.162.74,93.188.161.7) -> REPLACED ()
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{C4C88BE3-1502-4FE3-8491-AD92F2A54658} : NameServer (93.188.162.74,93.188.161.7) -> REPLACED ()

¤¤¤ Driver : [LOADED] ¤¤¤

Finished : << RKreport[1].txt >>
RKreport[1].txt

-------------------------------------------------------------------------------------------------------------------------

ComboFixlog

ComboFix 12-10-26.05 - Compaq_Owner 28/10/2012 3:25.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.3071.2507 [GMT 0:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe.exe
Command switches used :: c:\documents and settings\Compaq_Owner\Desktop\CFScript.txt.txt
* Created a new restore point
.
FILE ::
"c:\documents and settings\Alex\Start Menu\Programs\Startup\hphswemj.exe"
"c:\documents and settings\Compaq_Owner\Desktop\ytyucuYT"
"c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe"
"c:\documents and settings\Compaq_Owner\Local Settings\Temp\obfaabiv.sys"
"c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\hphswemj.exe"
"c:\documents and settings\Compaq_Owner\UN4Qzhb"
"c:\documents and settings\Compaq_Owner\ytyucuYT"
"c:\windows\assembly\GAC\Desktop.ini"
"c:\windows\Prefetch\HPHSWEMJ.EXE-1067D69D.pf"
"c:\windows\System32\ytyucuYT"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Alex\1CeYHfG
c:\documents and settings\Alex\Local Settings\Application Data\bsbybbtu.log
c:\documents and settings\Alex\Local Settings\Application Data\c8c47f7ae0.log
c:\documents and settings\Alex\Local Settings\Application Data\jjxylaod.log
c:\documents and settings\Alex\Local Settings\Application Data\kjnojkrt.log
c:\documents and settings\Alex\Local Settings\Application Data\ncoguvxx.log
c:\documents and settings\Alex\Local Settings\Application Data\tyyliydr.log
c:\documents and settings\Alex\Local Settings\Application Data\ulrmjsst.log
c:\documents and settings\Alex\Local Settings\Application Data\weljvrww.log
c:\documents and settings\Alex\Local Settings\Application Data\yvcwfauj.log
c:\documents and settings\Alex\ytyucuYT
c:\documents and settings\Compaq_Owner\1CeYHfG
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\bsbybbtu.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\istlpdhg.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\jjxylaod.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\kjnojkrt.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\ncoguvxx.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\tyyliydr.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\ulrmjsst.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\weljvrww.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yvcwfauj.log
c:\documents and settings\Compaq_Owner\UN4Qzhb
c:\documents and settings\Compaq_Owner\ytyucuYT
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MICORSOFT_WINDOWS_SERVICE
-------\Service_Micorsoft Windows Service
.
.
((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-28 )))))))))))))))))))))))))))))))
.
.
2012-10-26 04:36 . 2012-10-28 03:36 100144 ---ha-w- c:\windows\system32\ytyucuYT
2012-10-25 23:36 . 2012-10-25 23:36 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-20 19:39 . 2012-10-20 20:09 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-20 19:29 . 2012-10-20 20:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-20 19:29 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-14 16:47 . 2012-10-14 16:47 -------- d-----w- C:\Utopia
2012-10-09 16:35 . 2012-10-09 16:35 9575864 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 16:41 . 2012-06-27 20:19 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 16:41 . 2011-12-27 23:50 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-04 13:22 . 2012-09-04 13:22 388096 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-04 09:21 . 2012-09-04 09:22 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-04 09:21 . 2012-08-22 19:39 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-04 09:21 . 2009-03-18 15:03 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-04 09:21 . 2011-01-02 04:32 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 23:41 . 2012-10-26 23:41 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-07-03 3077528]
"HphSwemj"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe" [2012-10-28 100144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-12 14156800]
"SoundMan"="SOUNDMAN.EXE" [2004-07-29 77824]
"CTHelper"="CTHELPER.EXE" [2003-11-13 24576]
"AlcWzrd"="ALCWZRD.EXE" [2004-07-29 2551808]
"SiSPower"="SiSPower.dll" [2004-09-24 49152]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 184320]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 319488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"F5D8055v2"="c:\program files\Belkin\F5D8055\v2\Belkinwcui.exe" [2009-04-08 1662976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="nwiz.exe" [2009-01-15 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevconDefaultDB]
c:\windows\READREG [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioReg]
2003-11-13 18:04 126976 ----a-w- c:\windows\system32\CTASIO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2011-01-02 02:30 323392 ----a-w- c:\program files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 13:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LolMatches Client]
2012-09-28 14:50 1292288 ----a-w- c:\program files\LolMatches Client\LolMatches Client.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --s---w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Webcam Recorder]
2008-03-17 09:06 253952 ----a-w- c:\program files\MSN Webcam Recorder\ml20gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2008-06-17 16:00 1351680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-01-15 07:19 13680640 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-01-15 07:19 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-01-15 07:19 1657376 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-10-02 07:00 1226240 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
2003-09-12 20:13 98304 ----a-w- c:\windows\system32\ps2.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 10:30 516096 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2009-01-07 00:46 122880 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
2003-06-20 19:13 49152 -c--a-w- c:\windows\MIDIDEF.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAP]
2004-02-17 10:19 638976 ----a-w- c:\program files\Arcadyan Wireless\NetCfgWizard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-08-31 12:35 1353080 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless SoftAP]
2004-02-17 10:20 770048 ----a-w- c:\program files\Arcadyan Wireless\Configuration\SoftAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [07/01/2009 05:33 691696]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [24/03/2012 19:16 12184]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [20/10/2012 20:09 399432]
R2 PCTWPASV;SoftAP WPA Authenticator Service;c:\program files\Arcadyan Wireless\pctwpasv.exe [30/01/2004 13:59 204800]
R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;c:\windows\system32\drivers\PCTELSAP.SYS [29/01/2004 22:29 350282]
R4 Micorsoft Windows Service;Micorsoft Windows Service;\??\c:\docume~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys --> c:\docume~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys [?]
S3 ADM8511;%ADM8511.Service.DispName%;c:\windows\system32\drivers\ADM8511.SYS [17/08/2001 12:11 20160]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20/10/2012 19:29 22856]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [20/10/2012 19:39 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [30/06/2012 17:37 115168]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 20:22 34064]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [07/01/2009 00:46 152576]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\Drivers\PROCEXP151.SYS --> c:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 RegKernelHelp;RegKernelHelp;\??\c:\program files\Safe Returner\RegKernelHelp.sys --> c:\program files\Safe Returner\RegKernelHelp.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MICORSOFT_WINDOWS_SERVICE
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.soa-clan.info/forum/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-09 16:36; [email protected]; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-HphSwemj - c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-28 03:36
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\hphswemj.exe 100144 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
"Visible80"=dword:00000000
"Width80"=dword:0000005a
"Position81"=dword:0000005d
"Visible81"=dword:00000000
"Width81"=dword:0000004b
"Position82"=dword:0000005e
"Visible82"=dword:00000000
"Width82"=dword:00000055
"Position83"=dword:0000005f
"Visible83"=dword:00000000
"Width83"=dword:0000002d
"Position84"=dword:00000060
"Visible84"=dword:00000000
"Width84"=dword:00000037
"Position85"=dword:00000061
"Visible85"=dword:00000000
"Width85"=dword:0000003c
"Position86"=dword:00000062
"Visible86"=dword:00000000
"Width86"=dword:00000046
"Position87"=dword:00000063
"Visible87"=dword:00000000
"Width87"=dword:0000003c
"Position88"=dword:00000064
"Visible88"=dword:00000000
"Width88"=dword:0000005a
"Position89"=dword:00000065
"Visible89"=dword:00000000
"Width89"=dword:0000003c
"Position90"=dword:00000066
"Visible90"=dword:00000000
"Width90"=dword:00000050
"Position91"=dword:00000067
"Visible91"=dword:00000000
"Width91"=dword:00000046
"Position92"=dword:00000068
"Visible92"=dword:00000000
"Width92"=dword:0000005a
"Position93"=dword:00000069
"Visible93"=dword:00000000
"Width93"=dword:00000037
"Position94"=dword:0000006a
"Visible94"=dword:00000000
"Width94"=dword:0000003c
"Position95"=dword:0000006b
"Visible95"=dword:00000000
"Width95"=dword:0000003c
"Position96"=dword:0000006c
"Visible96"=dword:00000000
"Width96"=dword:00000046
"Position97"=dword:0000006d
"Visible97"=dword:00000000
"Width97"=dword:00000046
"Position98"=dword:0000006e
"Visible98"=dword:00000000
"Width98"=dword:00000055
"Position99"=dword:0000006f
"Visible99"=dword:00000000
"Width99"=dword:00000073
"Position100"=dword:00000042
"Visible100"=dword:00000000
"Width100"=dword:00000041
"Position101"=dword:00000070
"Visible101"=dword:00000000
"Width101"=dword:0000003c
"Position102"=dword:00000071
"Visible102"=dword:00000000
"Width102"=dword:0000003c
"Position103"=dword:00000072
"Visible103"=dword:00000000
"Width103"=dword:00000046
"Position104"=dword:00000073
"Visible104"=dword:00000000
"Width104"=dword:0000003c
"Position105"=dword:00000074
"Visible105"=dword:00000000
"Width105"=dword:00000041
"Position106"=dword:0000000f
"Visible106"=dword:00000001
"Width106"=dword:00000050
"Position107"=dword:0000000b
"Visible107"=dword:00000001
"Width107"=dword:00000028
"Position108"=dword:00000043
"Visible108"=dword:00000000
"Width108"=dword:00000050
"Position109"=dword:0000002f
"Visible109"=dword:00000000
"Width109"=dword:00000050
"Position110"=dword:00000031
"Visible110"=dword:00000000
"Width110"=dword:00000055
"Position111"=dword:00000032
"Visible111"=dword:00000000
"Width111"=dword:00000082
"Position112"=dword:00000034
"Visible112"=dword:00000000
"Width112"=dword:00000087
"Position113"=dword:00000075
"Visible113"=dword:00000000
"Width113"=dword:00000050
"Position114"=dword:00000076
"Visible114"=dword:00000000
"Width114"=dword:00000050
"Position115"=dword:00000077
"Visible115"=dword:00000000
"Width115"=dword:00000050
"Position116"=dword:00000078
"Visible116"=dword:00000000
"Width116"=dword:00000050
"Position117"=dword:00000079
"Visible117"=dword:00000000
"Width117"=dword:00000050
"Position118"=dword:0000007a
"Visible118"=dword:00000000
"Width118"=dword:00000050
"Position119"=dword:0000007b
"Visible119"=dword:00000000
"Width119"=dword:00000050
"Position120"=dword:0000007c
"Visible120"=dword:00000000
"Width120"=dword:00000050
"Position121"=dword:0000007d
"Visible121"=dword:00000000
"Width121"=dword:00000050
"Position122"=dword:0000007e
"Visible122"=dword:00000000
"Width122"=dword:00000050
"Position123"=dword:0000007f
"Visible123"=dword:00000000
"Width123"=dword:00000050
"Position124"=dword:00000080
"Visible124"=dword:00000000
"Width124"=dword:00000050
"Position125"=dword:00000081
"Visible125"=dword:00000000
"Width125"=dword:00000050
"Position126"=dword:00000082
"Visible126"=dword:00000000
"Width126"=dword:00000050
"Position127"=dword:00000083
"Visible127"=dword:00000000
"Width127"=dword:00000050
"Position128"=dword:00000084
"Visible128"=dword:00000000
"Width128"=dword:00000050
"Position129"=dword:00000085
"Visible129"=dword:00000000
"Width129"=dword:00000050
"Position130"=dword:00000086
"Visible130"=dword:00000000
"Width130"=dword:00000050
"Position131"=dword:00000087
"Visible131"=dword:00000000
"Width131"=dword:00000050
"Position132"=dword:00000088
"Visible132"=dword:00000000
"Width132"=dword:00000050
"Position133"=dword:00000089
"Visible133"=dword:00000000
"Width133"=dword:00000050
"Position134"=dword:0000008a
"Visible134"=dword:00000000
"Width134"=dword:00000050
"Position135"=dword:0000008b
"Visible135"=dword:00000000
"Width135"=dword:00000050
"Position136"=dword:0000008c
"Visible136"=dword:00000000
"Width136"=dword:00000050
"Position137"=dword:0000008d
"Visible137"=dword:00000000
"Width137"=dword:00000050
"Position138"=dword:0000008e
"Visible138"=dword:00000000
"Width138"=dword:00000050
"Position139"=dword:0000008f
"Visible139"=dword:00000000
"Width139"=dword:00000050
"Position140"=dword:00000090
"Visible140"=dword:00000000
"Width140"=dword:00000050
"Position141"=dword:00000091
"Visible141"=dword:00000000
"Width141"=dword:00000050
"Position142"=dword:00000092
"Visible142"=dword:00000000
"Width142"=dword:00000050
"Position143"=dword:00000093
"Visible143"=dword:00000000
"Width143"=dword:00000050
"Position144"=dword:00000094
"Visible144"=dword:00000000
"Width144"=dword:00000050
"Position145"=dword:00000095
"Visible145"=dword:00000000
"Width145"=dword:00000050
"Position146"=dword:00000004
"Visible146"=dword:00000000
"Width146"=dword:00000037
"Position147"=dword:00000005
"Visible147"=dword:00000000
"Width147"=dword:00000028
"Position148"=dword:00000006
"Visible148"=dword:00000000
"Width148"=dword:00000037
"Position149"=dword:00000007
"Visible149"=dword:00000001
"Width149"=dword:00000028
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]
"WProfessionalismCoef"=dword:00000005
"WSportsmanshipCoef"=dword:00000005
"WTemperamentCoef"=dword:00000005
"FSTWeightCoef"=dword:00000067
"FSTCurrentAbilityCoef"=dword:00000000
"FSTCornersCoef"=dword:0000000a
"FSTCrossingCoef"=dword:0000000a
"FSTDribblingCoef"=dword:00000050
"FSTFinishingCoef"=dword:00000064
"FSTFirstTouchCoef"=dword:00000028
"FSTFreeKicksCoef"=dword:0000000a
"FSTHeadingCoef"=dword:00000028
"FSTLongShotsCoef"=dword:00000014
"FSTLongThrowsCoef"=dword:00000000
"FSTMarkingCoef"=dword:00000000
"FSTPassingCoef"=dword:00000028
"FSTPenaltiesCoef"=dword:00000005
"FSTTacklingCoef"=dword:00000000
"FSTTechniqueCoef"=dword:00000050
"FSTLeftFootCoef"=dword:00000005
"FSTRightFootCoef"=dword:00000005
"FSTAggressionCoef"=dword:0000000a
"FSTAnticipationCoef"=dword:0000000a
"FSTBraveryCoef"=dword:0000000a
"FSTComposureCoef"=dword:0000000a
"FSTConcentrationCoef"=dword:0000000a
"FSTConsistencyCoef"=dword:0000000a
"FSTCreativityCoef"=dword:00000028
"FSTDecisionsCoef"=dword:0000000a
"FSTDeterminationCoef"=dword:0000000a
"FSTDirtinessCoef"=dword:fffffffb
"FSTFlairCoef"=dword:0000000a
"FSTImportantMatchesCoef"=dword:0000000a
"FSTInfluenceCoef"=dword:0000000a
"FSTOffTheBallCoef"=dword:00000050
"FSTPositioningCoef"=dword:0000000a
"FSTTeamworkCoef"=dword:0000000a
"FSTWorkRateCoef"=dword:0000000a
"FSTAccelerationCoef"=dword:00000064
"FSTAgilityCoef"=dword:00000028
"FSTBalanceCoef"=dword:0000000a
"FSTInjuryPronenessCoef"=dword:fffffffb
"FSTJumpingCoef"=dword:00000014
"FSTNaturalFitnessCoef"=dword:00000005
"FSTPaceCoef"=dword:00000064
"FSTStaminaCoef"=dword:00000028
"FSTStrengthCoef"=dword:00000014
"FSTVersatilityCoef"=dword:00000005
"FSTAerialAbilityCoef"=dword:00000000
"FSTCommandOfAreaCoef"=dword:00000000
"FSTCommunicationCoef"=dword:00000000
"FSTEccentricityCoef"=dword:00000000
"FSTHandlingCoef"=dword:00000000
"FSTKickingCoef"=dword:00000000
"FSTOneOnOnesCoef"=dword:00000005
"FSTReflexesCoef"=dword:00000005
"FSTRushingOutCoef"=dword:00000000
"FSTTendencyToPunchCoef"=dword:00000000
"FSTThrowingCoef"=dword:00000000
"FSTAdaptabilityCoef"=dword:00000005
"FSTAmbitionCoef"=dword:0000000a
"FSTControversyCoef"=dword:fffffffb
"FSTLoyalityCoef"=dword:00000005
"FSTPressureCoef"=dword:00000005
"FSTProfessionalismCoef"=dword:00000005
"FSTSportsmanshipCoef"=dword:00000005
"FSTTemperamentCoef"=dword:00000005
"TSTWeightCoef"=dword:00000067
"TSTCurrentAbilityCoef"=dword:00000000
"TSTCornersCoef"=dword:00000000
"TSTCrossingCoef"=dword:0000000a
"TSTDribblingCoef"=dword:0000003c
"TSTFinishingCoef"=dword:00000050
"TSTFirstTouchCoef"=dword:0000001e
"TSTFreeKicksCoef"=dword:0000000a
"TSTHeadingCoef"=dword:00000064
"TSTLongShotsCoef"=dword:00000014
"TSTLongThrowsCoef"=dword:00000000
"TSTMarkingCoef"=dword:00000000
"TSTPassingCoef"=dword:00000028
"TSTPenaltiesCoef"=dword:00000005
"TSTTacklingCoef"=dword:00000000
"TSTTechniqueCoef"=dword:00000028
"TSTLeftFootCoef"=dword:00000005
"TSTRightFootCoef"=dword:00000005
"TSTAggressionCoef"=dword:00000014
"TSTAnticipationCoef"=dword:0000000a
"TSTBraveryCoef"=dword:00000014
"TSTComposureCoef"=dword:0000000a
"TSTConcentrationCoef"=dword:0000000a
"TSTConsistencyCoef"=dword:0000000a
"TSTCreativityCoef"=dword:00000014
"TSTDecisionsCoef"=dword:0000000a
"TSTDeterminationCoef"=dword:0000000a
"TSTDirtinessCoef"=dword:fffffffb
"TSTFlairCoef"=dword:0000000a
"TSTImportantMatchesCoef"=dword:0000000a
"TSTInfluenceCoef"=dword:0000000a
"TSTOffTheBallCoef"=dword:00000050
"TSTPositioningCoef"=dword:00000014
"TSTTeamworkCoef"=dword:0000000a
"TSTWorkRateCoef"=dword:0000000a
"TSTAccelerationCoef"=dword:00000028
"TSTAgilityCoef"=dword:00000014
"TSTBalanceCoef"=dword:00000014
"TSTInjuryPronenessCoef"=dword:fffffffb
"TSTJumpingCoef"=dword:00000064
"TSTNaturalFitnessCoef"=dword:00000005
"TSTPaceCoef"=dword:00000028
"TSTStaminaCoef"=dword:00000014
"TSTStrengthCoef"=dword:00000050
"TSTVersatilityCoef"=dword:00000005
"TSTAerialAbilityCoef"=dword:00000000
"TSTCommandOfAreaCoef"=dword:00000000
"TSTCommunicationCoef"=dword:00000000
"TSTEccentricityCoef"=dword:00000000
"TSTHandlingCoef"=dword:00000000
"TSTKickingCoef"=dword:00000000
"TSTOneOnOnesCoef"=dword:00000005
"TSTReflexesCoef"=dword:00000005
"TSTRushingOutCoef"=dword:00000000
"TSTTendencyToPunchCoef"=dword:00000000
"TSTThrowingCoef"=dword:00000000
"TSTAdaptabilityCoef"=dword:00000005
"TSTAmbitionCoef"=dword:0000000a
"TSTControversyCoef"=dword:fffffffb
"TSTLoyalityCoef"=dword:00000005
"TSTPressureCoef"=dword:00000005
"TSTProfessionalismCoef"=dword:00000005
"TSTSportsmanshipCoef"=dword:00000005
"TSTTemperamentCoef"=dword:00000005
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\Compaq_Owner\\My Documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Compaq_Owner\\My Documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Compaq_Owner\\My Documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Documents and Settings\\Compaq_Owner\\Desktop\\fm_genie_scout_2009_xe\\FM Genie Scout 2009 XE\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000032
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000067
"UniqueID"="94-0E50-44BF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"GraphStep"=dword:00000000
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\SecuROM\License information*]
"datasecu"=hex:7e,a9,52,34,a3,16,49,63,a4,6d,a8,f4,7f,76,57,ae,6c,ac,d1,9a,ee,
01,2e,b2,1b,51,64,2a,1e,48,b9,b4,a5,96,5b,74,e5,5f,b0,04,8d,5c,2a,fe,aa,e5,\
"rkeysecu"=hex:ea,b5,0e,05,8d,5f,99,06,e2,97,8c,9d,0d,82,c7,39
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):33,60,2a,b1,51,6b,d4,5f,e5,4a,bf,b4,30,bf,04,ca,00,00,0e,46,88,
93,21,ee,61,7f,7c,6f,31,4e,65,0a,2d,a3,ca,0e,e1,dd,bb,e6,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f3cbcafc-5054-4b83-9d95-5da5ccb83342}]
@Denied: (Full) (Everyone)
"Model"=dword:00000055
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1064)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(2512)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\System32\snmp.exe
c:\windows\SOUNDMAN.EXE
c:\windows\ALCWZRD.EXE
c:\windows\AGRSMMSG.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2012-10-28 03:45:18 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-28 03:45
ComboFix2.txt 2012-10-26 05:06
ComboFix3.txt 2010-12-28 10:16
.
Pre-Run: 97,886,531,584 bytes free
Post-Run: 97,866,637,312 bytes free
.
- - End Of File - - 41ADFA79D370B1EE7751D983C4B639B3