Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malwarebytes stopped working [Solved]

Started by younggeeza , Oct 20 2012 02:02 PM

  • This topic is locked This topic is locked

#31
Nedklaw
Posted 17 November 2012 - 04:43 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
The userinit value on your computer is missing. This means your computer can't log you onto Windows. We are going to recreate it.


Step 1

  • Start OTLPE from the CD.
  • Copy the text in the code box below into the Custom scans and fixes box.
:OTL
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Alex_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Compaq_Owner_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\\windows\\system32\\userinit.exe,"

:Commands 
[Reboot]
  • Let the program run unhindered and reboot your computer.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder in the form of Date_Time.log. Open that report and post its contents in your next reply.
Let me know if you can now boot after this.


Things I want to see in your next reply

  • OTL Fix Log
  • Can your boot into Windows?
  • 0

Advertisements

#32
younggeeza
Posted 18 November 2012 - 02:34 AM

younggeeza

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Fantastic, it let me log in and Malwarebytes works again. I checked msconfig - startup and the hphswemj entries are still there and still come back on if i turn them off. I can't however see them and/or svhchost (user) in the task manager anymore. Also, the pagefile isn't at full usage. So it seems as though the annoying dangerous part of the virus is inactive.

EDIT

Ah crap, I turned the net back on my pc and the svchost for my user area came back in taskmanager. Looks like it redownloaded itself as soon as I plugged my internet back in. Also, the ytyucuTY is back on my desktop.

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_USERS\Alex_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Compaq_Owner_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_USERS\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\\"Userinit"|"c:\\windows\\system32\\userinit.exe," /E : value set successfully!
========== COMMANDS ==========

OTLPE by OldTimer - Version 3.1.48.0 log created on 11182012_133138

Edited by younggeeza, 18 November 2012 - 03:44 AM.

  • 0

#33
Nedklaw
Posted 19 November 2012 - 06:30 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)

Please run ComboFix again.
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Things I want to see in your next reply

  • ComboFix.txt
  • 0

#34
younggeeza
Posted 20 November 2012 - 08:09 AM

younggeeza

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Combofix wouldn't work just like before so I did the renaming thing.

ComboFix 12-11-20.02 - Compaq_Owner 20/11/2012 12:50:05.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.3071.2484 [GMT 0:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\Nedklaw.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Compaq_Owner\1CeYHfG
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\bsbybbtu.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\c8c47f7ae0.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\jjxylaod.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\kjnojkrt.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\ncoguvxx.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\tyyliydr.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\ulrmjsst.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\weljvrww.log
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yvcwfauj.log
c:\documents and settings\Compaq_Owner\UN4Qzhb
c:\documents and settings\Compaq_Owner\ytyucuYT
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MICORSOFT_WINDOWS_SERVICE
-------\Service_Micorsoft Windows Service
.
.
((((((((((((((((((((((((( Files Created from 2012-10-20 to 2012-11-20 )))))))))))))))))))))))))))))))
.
.
2012-11-20 13:03 . 2012-11-20 13:04 100144 ---ha-w- c:\documents and settings\Compaq_Owner\ytyucuYT
2012-11-18 14:11 . 2012-11-18 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2012-11-18 14:10 . 2012-11-18 14:10 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2012-11-18 14:10 . 2012-11-18 14:10 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-11-18 14:10 . 2012-11-18 14:10 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-11-18 14:10 . 2012-11-18 14:10 -------- d-----w- c:\program files\Symantec
2012-11-18 14:10 . 2012-11-18 09:38 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-11-18 14:09 . 2012-11-18 14:09 -------- d-----w- c:\windows\system32\drivers\N360
2012-11-18 14:09 . 2012-11-18 14:10 -------- d-----w- c:\program files\Norton 360
2012-11-18 14:09 . 2012-11-18 14:09 -------- d-----w- c:\program files\Windows Sidebar
2012-11-18 14:09 . 2012-11-18 14:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2012-11-18 14:05 . 2012-11-18 14:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2012-11-18 14:05 . 2012-11-18 14:05 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings
2012-11-18 14:03 . 2012-11-18 14:03 -------- d-----w- c:\program files\NortonInstaller
2012-11-18 13:59 . 2012-11-18 14:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-18 13:59 . 2011-12-10 15:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-18 13:35 . 2012-11-20 13:04 100144 ---ha-w- c:\windows\system32\ytyucuYT
2012-11-18 13:35 . 2012-11-20 13:03 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv
2012-11-18 11:40 . 2012-11-18 11:40 -------- d-sh--w- c:\documents and settings\Compaq_Owner\IECompatCache
2012-11-18 09:33 . 2012-11-20 13:00 100144 ---ha-w- c:\windows\system32\1CeYHfG
2012-10-31 22:27 . 2012-10-31 22:27 -------- d-----w- C:\FRST
2012-10-25 23:36 . 2012-10-25 23:36 -------- d-----w- C:\TDSSKiller_Quarantine
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 16:41 . 2012-06-27 20:19 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 16:41 . 2011-12-27 23:50 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 16:35 . 2012-10-09 16:35 9575864 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-09-04 13:22 . 2012-09-04 13:22 388096 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-04 09:21 . 2012-09-04 09:22 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-04 09:21 . 2012-08-22 19:39 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-04 09:21 . 2009-03-18 15:03 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-04 09:21 . 2011-01-02 04:32 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-26 23:41 . 2012-10-26 23:41 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-07-03 3077528]
"HphSwemj"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe" [2012-11-20 100144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-04-12 14156800]
"SoundMan"="SOUNDMAN.EXE" [2004-07-29 77824]
"CTHelper"="CTHELPER.EXE" [2003-11-13 24576]
"AlcWzrd"="ALCWZRD.EXE" [2004-07-29 2551808]
"SiSPower"="SiSPower.dll" [2004-09-24 49152]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 135214]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 184320]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 319488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"F5D8055v2"="c:\program files\Belkin\F5D8055\v2\Belkinwcui.exe" [2009-04-08 1662976]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640]
"nwiz"="nwiz.exe" [2009-01-15 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-15 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
"HphSwemj"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe" [2012-11-20 100144]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
hphswemj.exe [2012-11-20 100144]
.
c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\
hphswemj.exe [2012-11-20 100144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^hphswemj.exe]
path=c:\documents and settings\Compaq_Owner\Start Menu\Programs\Startup\hphswemj.exe
backup=c:\windows\pss\hphswemj.exeStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevconDefaultDB]
c:\windows\READREG [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioReg]
2003-11-13 18:04 126976 ----a-w- c:\windows\system32\CTASIO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2011-01-02 02:30 323392 ----a-w- c:\program files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HphSwemj]
2012-11-20 13:03 100144 --s-a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 13:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LolMatches Client]
2012-09-28 14:50 1292288 ----a-w- c:\program files\LolMatches Client\LolMatches Client.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --s---w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Webcam Recorder]
2008-03-17 09:06 253952 ----a-w- c:\program files\MSN Webcam Recorder\ml20gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2008-06-17 16:00 1351680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-01-15 07:19 13680640 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-01-15 07:19 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-01-15 07:19 1657376 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-10-02 07:00 1226240 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
2003-09-12 20:13 98304 ----a-w- c:\windows\system32\ps2.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 10:30 516096 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2009-01-07 00:46 122880 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
2003-06-20 19:13 49152 -c--a-w- c:\windows\MIDIDEF.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftAP]
2004-02-17 10:19 638976 ----a-w- c:\program files\Arcadyan Wireless\NetCfgWizard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-08-31 12:35 1353080 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless SoftAP]
2004-02-17 10:20 770048 ----a-w- c:\program files\Arcadyan Wireless\Configuration\SoftAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [07/01/2009 05:33 691696]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0300000.087\SymEFA.sys [18/11/2012 14:10 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0300000.087\BHDrvx86.sys [18/11/2012 14:10 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0300000.087\cchpx86.sys [18/11/2012 14:10 482352]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.sys [18/11/2012 14:10 276344]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [24/03/2012 19:16 12184]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18/11/2012 13:59 652360]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe [18/11/2012 14:10 115560]
R2 PCTWPASV;SoftAP WPA Authenticator Service;c:\program files\Arcadyan Wireless\pctwpasv.exe [30/01/2004 13:59 204800]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [18/11/2012 14:10 101936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18/11/2012 13:59 20464]
R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;c:\windows\system32\drivers\PCTELSAP.SYS [29/01/2004 22:29 350282]
S3 ADM8511;%ADM8511.Service.DispName%;c:\windows\system32\drivers\ADM8511.SYS [17/08/2001 12:11 20160]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 Micorsoft Windows Service;Micorsoft Windows Service;c:\docume~1\COMPAQ~1\LOCALS~1\Temp\obfaabiv.sys [20/11/2012 13:05 15360]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 20:22 34064]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\drivers\LV532AV.SYS [07/01/2009 00:46 152576]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\Drivers\PROCEXP151.SYS --> c:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 RegKernelHelp;RegKernelHelp;\??\c:\program files\Safe Returner\RegKernelHelp.sys --> c:\program files\Safe Returner\RegKernelHelp.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MICORSOFT_WINDOWS_SERVICE
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.soa-clan.info/forum/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-09 16:36; [email protected]; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-58470250.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-20 13:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.0.0.135\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008]
"GameDir"=""
"ShortlistDir"=""
"ScreenshotsDir"=""
"SaveDir"=""
"HistoryDir"="c:\\Documents and Settings\\Compaq_Owner\\Desktop\\fm_genie_scout_2008\\FM Genie Scout 2008\\History Points"
"LangDB"=""
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000000
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinID"=dword:00000001
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"WindowState"=dword:00000000
"WindowHeight"=dword:0000026d
"WindowWidth"=dword:000003fc
"WindowLeft"=dword:00000082
"WindowTop"=dword:000000ca
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000032
"Position4"=dword:00000004
"Visible4"=dword:00000001
"Width4"=dword:00000032
"Position5"=dword:00000005
"Visible5"=dword:00000001
"Width5"=dword:00000050
"Position6"=dword:00000006
"Visible6"=dword:00000001
"Width6"=dword:00000050
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000002d
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000001e
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000001e
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000001e
"Position13"=dword:0000000d
"Visible13"=dword:00000001
"Width13"=dword:0000003c
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000032
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:00000032
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000032
"Position17"=dword:00000011
"Visible17"=dword:00000001
"Width17"=dword:00000050
"Position18"=dword:00000012
"Visible18"=dword:00000001
"Width18"=dword:00000050
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000037
"Position4"=dword:00000008
"Visible4"=dword:00000001
"Width4"=dword:00000023
"Position5"=dword:00000009
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:0000000a
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:0000000c
"Visible7"=dword:00000001
"Width7"=dword:0000004b
"Position8"=dword:0000000d
"Visible8"=dword:00000001
"Width8"=dword:0000004b
"Position9"=dword:0000000e
"Visible9"=dword:00000001
"Width9"=dword:00000050
"Position10"=dword:00000010
"Visible10"=dword:00000000
"Width10"=dword:00000050
"Position11"=dword:00000011
"Visible11"=dword:00000000
"Width11"=dword:0000004b
"Position12"=dword:00000012
"Visible12"=dword:00000000
"Width12"=dword:0000002d
"Position13"=dword:00000013
"Visible13"=dword:00000000
"Width13"=dword:0000003c
"Position14"=dword:00000014
"Visible14"=dword:00000000
"Width14"=dword:0000004b
"Position15"=dword:00000015
"Visible15"=dword:00000000
"Width15"=dword:00000064
"Position16"=dword:00000016
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000017
"Visible17"=dword:00000000
"Width17"=dword:0000004b
"Position18"=dword:00000018
"Visible18"=dword:00000000
"Width18"=dword:00000064
"Position19"=dword:00000019
"Visible19"=dword:00000000
"Width19"=dword:0000003c
"Position20"=dword:0000001a
"Visible20"=dword:00000000
"Width20"=dword:0000004b
"Position21"=dword:0000001b
"Visible21"=dword:00000000
"Width21"=dword:00000050
"Position22"=dword:0000001c
"Visible22"=dword:00000000
"Width22"=dword:00000073
"Position23"=dword:0000001d
"Visible23"=dword:00000000
"Width23"=dword:00000050
"Position24"=dword:0000001e
"Visible24"=dword:00000000
"Width24"=dword:0000005a
"Position25"=dword:0000001f
"Visible25"=dword:00000000
"Width25"=dword:0000006e
"Position26"=dword:00000020
"Visible26"=dword:00000000
"Width26"=dword:00000064
"Position27"=dword:00000021
"Visible27"=dword:00000000
"Width27"=dword:00000087
"Position28"=dword:00000022
"Visible28"=dword:00000000
"Width28"=dword:00000064
"Position29"=dword:00000023
"Visible29"=dword:00000000
"Width29"=dword:00000064
"Position30"=dword:00000024
"Visible30"=dword:00000000
"Width30"=dword:00000046
"Position31"=dword:00000025
"Visible31"=dword:00000000
"Width31"=dword:0000004b
"Position32"=dword:00000026
"Visible32"=dword:00000000
"Width32"=dword:00000046
"Position33"=dword:00000027
"Visible33"=dword:00000000
"Width33"=dword:0000004b
"Position34"=dword:00000028
"Visible34"=dword:00000000
"Width34"=dword:0000003c
"Position35"=dword:0000002a
"Visible35"=dword:00000000
"Width35"=dword:00000064
"Position36"=dword:0000002e
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000030
"Visible37"=dword:00000000
"Width37"=dword:0000005f
"Position38"=dword:00000033
"Visible38"=dword:00000000
"Width38"=dword:00000091
"Position39"=dword:00000035
"Visible39"=dword:00000000
"Width39"=dword:0000003c
"Position40"=dword:0000002c
"Visible40"=dword:00000000
"Width40"=dword:0000005a
"Position41"=dword:00000036
"Visible41"=dword:00000000
"Width41"=dword:00000041
"Position42"=dword:00000029
"Visible42"=dword:00000000
"Width42"=dword:00000050
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000055
"Position44"=dword:0000002d
"Visible44"=dword:00000000
"Width44"=dword:0000005f
"Position45"=dword:00000037
"Visible45"=dword:00000000
"Width45"=dword:00000050
"Position46"=dword:00000038
"Visible46"=dword:00000000
"Width46"=dword:0000004b
"Position47"=dword:00000039
"Visible47"=dword:00000000
"Width47"=dword:0000004b
"Position48"=dword:0000003a
"Visible48"=dword:00000000
"Width48"=dword:00000046
"Position49"=dword:0000003b
"Visible49"=dword:00000000
"Width49"=dword:00000032
"Position50"=dword:0000003c
"Visible50"=dword:00000000
"Width50"=dword:0000003c
"Position51"=dword:0000003d
"Visible51"=dword:00000000
"Width51"=dword:0000004b
"Position52"=dword:0000003e
"Visible52"=dword:00000000
"Width52"=dword:0000003c
"Position53"=dword:0000003f
"Visible53"=dword:00000000
"Width53"=dword:00000037
"Position54"=dword:00000040
"Visible54"=dword:00000000
"Width54"=dword:00000069
"Position55"=dword:00000041
"Visible55"=dword:00000000
"Width55"=dword:0000005a
"Position56"=dword:00000044
"Visible56"=dword:00000000
"Width56"=dword:0000004b
"Position57"=dword:00000045
"Visible57"=dword:00000000
"Width57"=dword:0000004b
"Position58"=dword:00000046
"Visible58"=dword:00000000
"Width58"=dword:00000037
"Position59"=dword:00000047
"Visible59"=dword:00000000
"Width59"=dword:0000003c
"Position60"=dword:00000048
"Visible60"=dword:00000000
"Width60"=dword:0000003c
"Position61"=dword:00000049
"Visible61"=dword:00000000
"Width61"=dword:00000041
"Position62"=dword:0000004a
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000004b
"Visible63"=dword:00000000
"Width63"=dword:0000003c
"Position64"=dword:0000004c
"Visible64"=dword:00000000
"Width64"=dword:0000003c
"Position65"=dword:0000004d
"Visible65"=dword:00000000
"Width65"=dword:0000004b
"Position66"=dword:0000004e
"Visible66"=dword:00000000
"Width66"=dword:0000003c
"Position67"=dword:0000004f
"Visible67"=dword:00000000
"Width67"=dword:00000046
"Position68"=dword:00000050
"Visible68"=dword:00000000
"Width68"=dword:00000028
"Position69"=dword:00000051
"Visible69"=dword:00000000
"Width69"=dword:00000041
"Position70"=dword:00000052
"Visible70"=dword:00000000
"Width70"=dword:0000003c
"Position71"=dword:00000053
"Visible71"=dword:00000000
"Width71"=dword:00000069
"Position72"=dword:00000054
"Visible72"=dword:00000000
"Width72"=dword:00000041
"Position73"=dword:00000055
"Visible73"=dword:00000000
"Width73"=dword:0000005f
"Position74"=dword:00000056
"Visible74"=dword:00000000
"Width74"=dword:0000003c
"Position75"=dword:00000057
"Visible75"=dword:00000000
"Width75"=dword:00000037
"Position76"=dword:00000058
"Visible76"=dword:00000000
"Width76"=dword:0000004b
"Position77"=dword:00000059
"Visible77"=dword:00000000
"Width77"=dword:00000050
"Position78"=dword:0000005a
"Visible78"=dword:00000000
"Width78"=dword:00000037
"Position79"=dword:0000005b
"Visible79"=dword:00000000
"Width79"=dword:00000037
"Position80"=dword:0000005c
"Visible80"=dword:00000000
"Width80"=dword:0000005a
"Position81"=dword:0000005d
"Visible81"=dword:00000000
"Width81"=dword:0000004b
"Position82"=dword:0000005e
"Visible82"=dword:00000000
"Width82"=dword:00000055
"Position83"=dword:0000005f
"Visible83"=dword:00000000
"Width83"=dword:0000002d
"Position84"=dword:00000060
"Visible84"=dword:00000000
"Width84"=dword:00000037
"Position85"=dword:00000061
"Visible85"=dword:00000000
"Width85"=dword:0000003c
"Position86"=dword:00000062
"Visible86"=dword:00000000
"Width86"=dword:00000046
"Position87"=dword:00000063
"Visible87"=dword:00000000
"Width87"=dword:0000003c
"Position88"=dword:00000064
"Visible88"=dword:00000000
"Width88"=dword:0000005a
"Position89"=dword:00000065
"Visible89"=dword:00000000
"Width89"=dword:0000003c
"Position90"=dword:00000066
"Visible90"=dword:00000000
"Width90"=dword:00000050
"Position91"=dword:00000067
"Visible91"=dword:00000000
"Width91"=dword:00000046
"Position92"=dword:00000068
"Visible92"=dword:00000000
"Width92"=dword:0000005a
"Position93"=dword:00000069
"Visible93"=dword:00000000
"Width93"=dword:00000037
"Position94"=dword:0000006a
"Visible94"=dword:00000000
"Width94"=dword:0000003c
"Position95"=dword:0000006b
"Visible95"=dword:00000000
"Width95"=dword:0000003c
"Position96"=dword:0000006c
"Visible96"=dword:00000000
"Width96"=dword:00000046
"Position97"=dword:0000006d
"Visible97"=dword:00000000
"Width97"=dword:00000046
"Position98"=dword:0000006e
"Visible98"=dword:00000000
"Width98"=dword:00000055
"Position99"=dword:0000006f
"Visible99"=dword:00000000
"Width99"=dword:00000073
"Position100"=dword:00000042
"Visible100"=dword:00000000
"Width100"=dword:00000041
"Position101"=dword:00000070
"Visible101"=dword:00000000
"Width101"=dword:0000003c
"Position102"=dword:00000071
"Visible102"=dword:00000000
"Width102"=dword:0000003c
"Position103"=dword:00000072
"Visible103"=dword:00000000
"Width103"=dword:00000046
"Position104"=dword:00000073
"Visible104"=dword:00000000
"Width104"=dword:0000003c
"Position105"=dword:00000074
"Visible105"=dword:00000000
"Width105"=dword:00000041
"Position106"=dword:0000000f
"Visible106"=dword:00000001
"Width106"=dword:00000050
"Position107"=dword:0000000b
"Visible107"=dword:00000001
"Width107"=dword:00000028
"Position108"=dword:00000043
"Visible108"=dword:00000000
"Width108"=dword:00000050
"Position109"=dword:0000002f
"Visible109"=dword:00000000
"Width109"=dword:00000050
"Position110"=dword:00000031
"Visible110"=dword:00000000
"Width110"=dword:00000055
"Position111"=dword:00000032
"Visible111"=dword:00000000
"Width111"=dword:00000082
"Position112"=dword:00000034
"Visible112"=dword:00000000
"Width112"=dword:00000087
"Position113"=dword:00000075
"Visible113"=dword:00000000
"Width113"=dword:00000050
"Position114"=dword:00000076
"Visible114"=dword:00000000
"Width114"=dword:00000050
"Position115"=dword:00000077
"Visible115"=dword:00000000
"Width115"=dword:00000050
"Position116"=dword:00000078
"Visible116"=dword:00000000
"Width116"=dword:00000050
"Position117"=dword:00000079
"Visible117"=dword:00000000
"Width117"=dword:00000050
"Position118"=dword:0000007a
"Visible118"=dword:00000000
"Width118"=dword:00000050
"Position119"=dword:0000007b
"Visible119"=dword:00000000
"Width119"=dword:00000050
"Position120"=dword:0000007c
"Visible120"=dword:00000000
"Width120"=dword:00000050
"Position121"=dword:0000007d
"Visible121"=dword:00000000
"Width121"=dword:00000050
"Position122"=dword:0000007e
"Visible122"=dword:00000000
"Width122"=dword:00000050
"Position123"=dword:0000007f
"Visible123"=dword:00000000
"Width123"=dword:00000050
"Position124"=dword:00000080
"Visible124"=dword:00000000
"Width124"=dword:00000050
"Position125"=dword:00000081
"Visible125"=dword:00000000
"Width125"=dword:00000050
"Position126"=dword:00000082
"Visible126"=dword:00000000
"Width126"=dword:00000050
"Position127"=dword:00000083
"Visible127"=dword:00000000
"Width127"=dword:00000050
"Position128"=dword:00000084
"Visible128"=dword:00000000
"Width128"=dword:00000050
"Position129"=dword:00000085
"Visible129"=dword:00000000
"Width129"=dword:00000050
"Position130"=dword:00000086
"Visible130"=dword:00000000
"Width130"=dword:00000050
"Position131"=dword:00000087
"Visible131"=dword:00000000
"Width131"=dword:00000050
"Position132"=dword:00000088
"Visible132"=dword:00000000
"Width132"=dword:00000050
"Position133"=dword:00000089
"Visible133"=dword:00000000
"Width133"=dword:00000050
"Position134"=dword:0000008a
"Visible134"=dword:00000000
"Width134"=dword:00000050
"Position135"=dword:0000008b
"Visible135"=dword:00000000
"Width135"=dword:00000050
"Position136"=dword:0000008c
"Visible136"=dword:00000000
"Width136"=dword:00000050
"Position137"=dword:0000008d
"Visible137"=dword:00000000
"Width137"=dword:00000050
"Position138"=dword:0000008e
"Visible138"=dword:00000000
"Width138"=dword:00000050
"Position139"=dword:0000008f
"Visible139"=dword:00000000
"Width139"=dword:00000050
"Position140"=dword:00000090
"Visible140"=dword:00000000
"Width140"=dword:00000050
"Position141"=dword:00000091
"Visible141"=dword:00000000
"Width141"=dword:00000050
"Position142"=dword:00000092
"Visible142"=dword:00000000
"Width142"=dword:00000050
"Position143"=dword:00000093
"Visible143"=dword:00000000
"Width143"=dword:00000050
"Position144"=dword:00000094
"Visible144"=dword:00000000
"Width144"=dword:00000050
"Position145"=dword:00000095
"Visible145"=dword:00000000
"Width145"=dword:00000050
"Position146"=dword:00000004
"Visible146"=dword:00000000
"Width146"=dword:00000037
"Position147"=dword:00000005
"Visible147"=dword:00000000
"Width147"=dword:00000028
"Position148"=dword:00000006
"Visible148"=dword:00000000
"Width148"=dword:00000037
"Position149"=dword:00000007
"Visible149"=dword:00000001
"Width149"=dword:00000028
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000069
"Position4"=dword:00000005
"Visible4"=dword:00000001
"Width4"=dword:00000028
"Position5"=dword:00000006
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:00000004
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000004b
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000002d
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000003c
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000004b
"Position13"=dword:0000000d
"Visible13"=dword:00000000
"Width13"=dword:00000064
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000064
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:0000004b
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000011
"Visible17"=dword:00000000
"Width17"=dword:0000003c
"Position18"=dword:00000012
"Visible18"=dword:00000000
"Width18"=dword:0000004b
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
"Position20"=dword:00000014
"Visible20"=dword:00000000
"Width20"=dword:00000046
"Position21"=dword:00000015
"Visible21"=dword:00000000
"Width21"=dword:0000004b
"Position22"=dword:00000016
"Visible22"=dword:00000000
"Width22"=dword:00000046
"Position23"=dword:00000017
"Visible23"=dword:00000000
"Width23"=dword:00000046
"Position24"=dword:00000018
"Visible24"=dword:00000000
"Width24"=dword:0000003c
"Position25"=dword:00000019
"Visible25"=dword:00000000
"Width25"=dword:00000041
"Position26"=dword:0000001a
"Visible26"=dword:00000000
"Width26"=dword:0000003c
"Position27"=dword:0000001b
"Visible27"=dword:00000000
"Width27"=dword:00000055
"Position28"=dword:0000001c
"Visible28"=dword:00000000
"Width28"=dword:00000069
"Position29"=dword:0000001d
"Visible29"=dword:00000000
"Width29"=dword:0000006e
"Position30"=dword:0000001e
"Visible30"=dword:00000000
"Width30"=dword:00000064
"Position31"=dword:0000001f
"Visible31"=dword:00000000
"Width31"=dword:00000078
"Position32"=dword:00000020
"Visible32"=dword:00000000
"Width32"=dword:00000064
"Position33"=dword:00000021
"Visible33"=dword:00000000
"Width33"=dword:00000087
"Position34"=dword:00000022
"Visible34"=dword:00000000
"Width34"=dword:00000069
"Position35"=dword:00000023
"Visible35"=dword:00000000
"Width35"=dword:0000006e
"Position36"=dword:00000024
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000025
"Visible37"=dword:00000000
"Width37"=dword:0000004b
"Position38"=dword:00000026
"Visible38"=dword:00000000
"Width38"=dword:0000002d
"Position39"=dword:00000027
"Visible39"=dword:00000000
"Width39"=dword:00000055
"Position40"=dword:00000028
"Visible40"=dword:00000000
"Width40"=dword:00000046
"Position41"=dword:00000029
"Visible41"=dword:00000000
"Width41"=dword:0000004b
"Position42"=dword:0000002a
"Visible42"=dword:00000000
"Width42"=dword:0000003c
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000046
"Position44"=dword:0000002c
"Visible44"=dword:00000000
"Width44"=dword:00000073
"Position45"=dword:0000002d
"Visible45"=dword:00000000
"Width45"=dword:0000004b
"Position46"=dword:0000002e
"Visible46"=dword:00000000
"Width46"=dword:00000073
"Position47"=dword:0000002f
"Visible47"=dword:00000000
"Width47"=dword:0000007d
"Position48"=dword:00000030
"Visible48"=dword:00000000
"Width48"=dword:0000006e
"Position49"=dword:00000031
"Visible49"=dword:00000000
"Width49"=dword:00000037
"Position50"=dword:00000032
"Visible50"=dword:00000000
"Width50"=dword:00000064
"Position51"=dword:00000033
"Visible51"=dword:00000000
"Width51"=dword:00000037
"Position52"=dword:00000034
"Visible52"=dword:00000000
"Width52"=dword:0000004b
"Position53"=dword:00000035
"Visible53"=dword:00000000
"Width53"=dword:00000046
"Position54"=dword:00000036
"Visible54"=dword:00000000
"Width54"=dword:00000037
"Position55"=dword:00000037
"Visible55"=dword:00000000
"Width55"=dword:0000003c
"Position56"=dword:00000038
"Visible56"=dword:00000000
"Width56"=dword:00000055
"Position57"=dword:00000039
"Visible57"=dword:00000000
"Width57"=dword:0000003c
"Position58"=dword:0000003a
"Visible58"=dword:00000000
"Width58"=dword:0000003c
"Position59"=dword:0000003b
"Visible59"=dword:00000000
"Width59"=dword:00000055
"Position60"=dword:0000003c
"Visible60"=dword:00000000
"Width60"=dword:00000046
"Position61"=dword:0000003d
"Visible61"=dword:00000000
"Width61"=dword:0000004b
"Position62"=dword:0000003e
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000003f
"Visible63"=dword:00000000
"Width63"=dword:0000005a
"Position64"=dword:00000040
"Visible64"=dword:00000000
"Width64"=dword:0000006e
"Position65"=dword:00000041
"Visible65"=dword:00000000
"Width65"=dword:00000050
"Position66"=dword:00000042
"Visible66"=dword:00000000
"Width66"=dword:00000032
"Position67"=dword:00000043
"Visible67"=dword:00000000
"Width67"=dword:00000064
"Position68"=dword:00000044
"Visible68"=dword:00000000
"Width68"=dword:0000004b
"Position69"=dword:00000045
"Visible69"=dword:00000000
"Width69"=dword:0000002d
"Position70"=dword:00000046
"Visible70"=dword:00000000
"Width70"=dword:0000004b
"Position71"=dword:00000047
"Visible71"=dword:00000000
"Width71"=dword:0000005a
"Position72"=dword:00000048
"Visible72"=dword:00000000
"Width72"=dword:0000005a
"Position73"=dword:00000049
"Visible73"=dword:00000000
"Width73"=dword:00000050
"Position74"=dword:0000004a
"Visible74"=dword:00000000
"Width74"=dword:0000004b
"Position75"=dword:0000004b
"Visible75"=dword:00000000
"Width75"=dword:00000050
"Position76"=dword:0000004c
"Visible76"=dword:00000000
"Width76"=dword:0000005a
"Position77"=dword:0000004d
"Visible77"=dword:00000000
"Width77"=dword:00000041
"Position78"=dword:0000004e
"Visible78"=dword:00000000
"Width78"=dword:00000041
"Position79"=dword:0000004f
"Visible79"=dword:00000000
"Width79"=dword:00000041
"Position80"=dword:00000050
"Visible80"=dword:00000000
"Width80"=dword:00000041
"Position81"=dword:00000051
"Visible81"=dword:00000000
"Width81"=dword:00000041
"Position82"=dword:00000052
"Visible82"=dword:00000000
"Width82"=dword:00000041
"Position83"=dword:00000053
"Visible83"=dword:00000000
"Width83"=dword:00000041
"Position84"=dword:00000054
"Visible84"=dword:00000000
"Width84"=dword:00000041
"Position85"=dword:00000055
"Visible85"=dword:00000000
"Width85"=dword:00000041
"Position86"=dword:00000056
"Visible86"=dword:00000000
"Width86"=dword:00000050
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]
"GKWeightCoef"=dword:00000064
"GKCurrentAbilityCoef"=dword:00000000
"GKCornersCoef"=dword:00000000
"GKCrossingCoef"=dword:00000000
"GKDribblingCoef"=dword:00000000
"GKFinishingCoef"=dword:00000000
"GKFirstTouchCoef"=dword:00000000
"GKFreeKicksCoef"=dword:00000000
"GKHeadingCoef"=dword:00000000
"GKLongShotsCoef"=dword:00000000
"GKLongThrowsCoef"=dword:00000000
"GKMarkingCoef"=dword:00000000
"GKPassingCoef"=dword:00000000
"GKPenaltiesCoef"=dword:00000000
"GKTacklingCoef"=dword:00000005
"GKTechniqueCoef"=dword:00000000
"GKLeftFootCoef"=dword:00000000
"GKRightFootCoef"=dword:00000000
"GKAggressionCoef"=dword:0000000a
"GKAnticipationCoef"=dword:00000005
"GKBraveryCoef"=dword:00000014
"GKComposureCoef"=dword:00000014
"GKConcentrationCoef"=dword:0000000a
"GKConsistencyCoef"=dword:0000000a
"GKCreativityCoef"=dword:00000000
"GKDecisionsCoef"=dword:00000014
"GKDeterminationCoef"=dword:0000000a
"GKDirtinessCoef"=dword:fffffffb
"GKFlairCoef"=dword:00000000
"GKImportantMatchesCoef"=dword:0000000a
"GKInfluenceCoef"=dword:0000000a
"GKOffTheBallCoef"=dword:00000000
"GKPositioningCoef"=dword:00000050
"GKTeamworkCoef"=dword:00000005
"GKWorkRateCoef"=dword:00000000
"GKAccelerationCoef"=dword:00000005
"GKAgilityCoef"=dword:0000000a
"GKBalanceCoef"=dword:0000000a
"GKInjuryPronenessCoef"=dword:fffffffb
"GKJumpingCoef"=dword:00000050
"GKNaturalFitnessCoef"=dword:00000005
"GKPaceCoef"=dword:00000000
"GKStaminaCoef"=dword:00000000
"GKStrengthCoef"=dword:0000000a
"GKVersatilityCoef"=dword:00000000
"GKAerialAbilityCoef"=dword:00000032
"GKCommandOfAreaCoef"=dword:00000014
"GKCommunicationCoef"=dword:00000032
"GKEccentricityCoef"=dword:ffffffec
"GKHandlingCoef"=dword:00000064
"GKKickingCoef"=dword:0000000a
"GKOneOnOnesCoef"=dword:00000032
"GKReflexesCoef"=dword:00000064
"GKRushingOutCoef"=dword:00000014
"GKTendencyToPunchCoef"=dword:fffffff6
"GKThrowingCoef"=dword:0000000a
"GKAdaptabilityCoef"=dword:00000005
"GKAmbitionCoef"=dword:0000000a
"GKControversyCoef"=dword:fffffffb
"GKLoyalityCoef"=dword:00000005
"GKPressureCoef"=dword:00000005
"GKProfessionalismCoef"=dword:00000005
"GKSportsmanshipCoef"=dword:00000005
"GKTemperamentCoef"=dword:00000005
"SWWeightCoef"=dword:00000066
"SWCurrentAbilityCoef"=dword:00000000
"SWCornersCoef"=dword:00000000
"SWCrossingCoef"=dword:00000000
"SWDribblingCoef"=dword:00000000
"SWFinishingCoef"=dword:00000000
"SWFirstTouchCoef"=dword:00000014
"SWFreeKicksCoef"=dword:0000000a
"SWHeadingCoef"=dword:00000064
"SWLongShotsCoef"=dword:0000000a
"SWLongThrowsCoef"=dword:00000000
"SWMarkingCoef"=dword:00000064
"SWPassingCoef"=dword:0000000a
"SWPenaltiesCoef"=dword:00000005
"SWTacklingCoef"=dword:00000064
"SWTechniqueCoef"=dword:0000000a
"SWLeftFootCoef"=dword:00000005
"SWRightFootCoef"=dword:00000005
"SWAggressionCoef"=dword:00000014
"SWAnticipationCoef"=dword:00000014
"SWBraveryCoef"=dword:00000028
"SWComposureCoef"=dword:00000028
"SWConcentrationCoef"=dword:0000003c
"SWConsistencyCoef"=dword:0000000a
"SWCreativityCoef"=dword:0000000a
"SWDecisionsCoef"=dword:00000014
"SWDeterminationCoef"=dword:0000000a
"SWDirtinessCoef"=dword:ffffffe7
"SWFlairCoef"=dword:00000000
"SWImportantMatchesCoef"=dword:0000000a
"SWInfluenceCoef"=dword:0000000a
"SWOffTheBallCoef"=dword:0000000a
"SWPositioningCoef"=dword:00000064
"SWTeamworkCoef"=dword:00000028
"SWWorkRateCoef"=dword:00000014
"SWAccelerationCoef"=dword:0000001e
"SWAgilityCoef"=dword:0000000a
"SWBalanceCoef"=dword:00000014
"SWInjuryPronenessCoef"=dword:fffffffb
"SWJumpingCoef"=dword:00000064
"SWNaturalFitnessCoef"=dword:00000005
"SWPaceCoef"=dword:00000014
"SWStaminaCoef"=dword:0000000a
"SWStrengthCoef"=dword:00000050
"SWVersatilityCoef"=dword:00000005
"SWAerialAbilityCoef"=dword:00000000
"SWCommandOfAreaCoef"=dword:00000000
"SWCommunicationCoef"=dword:00000000
"SWEccentricityCoef"=dword:00000000
"SWHandlingCoef"=dword:00000000
"SWKickingCoef"=dword:00000000
"SWOneOnOnesCoef"=dword:00000005
"SWReflexesCoef"=dword:00000005
"SWRushingOutCoef"=dword:00000000
"SWTendencyToPunchCoef"=dword:00000000
"SWThrowingCoef"=dword:00000000
"SWAdaptabilityCoef"=dword:00000005
"SWAmbitionCoef"=dword:0000000a
"SWControversyCoef"=dword:fffffffb
"SWLoyalityCoef"=dword:00000005
"SWPressureCoef"=dword:00000005
"SWProfessionalismCoef"=dword:00000005
"SWSportsmanshipCoef"=dword:00000005
"SWTemperamentCoef"=dword:00000005
"CBWeightCoef"=dword:00000064
"CBCurrentAbilityCoef"=dword:00000000
"CBCornersCoef"=dword:00000000
"CBCrossingCoef"=dword:00000000
"CBDribblingCoef"=dword:00000000
"CBFinishingCoef"=dword:00000000
"CBFirstTouchCoef"=dword:00000014
"CBFreeKicksCoef"=dword:0000000a
"CBHeadingCoef"=dword:00000064
"CBLongShotsCoef"=dword:0000000a
"CBLongThrowsCoef"=dword:00000000
"CBMarkingCoef"=dword:00000050
"CBPassingCoef"=dword:00000014
"CBPenaltiesCoef"=dword:00000005
"CBTacklingCoef"=dword:00000064
"CBTechniqueCoef"=dword:0000000a
"CBLeftFootCoef"=dword:00000005
"CBRightFootCoef"=dword:00000005
"CBAggressionCoef"=dword:00000014
"CBAnticipationCoef"=dword:00000014
"CBBraveryCoef"=dword:00000028
"CBComposureCoef"=dword:00000014
"CBConcentrationCoef"=dword:00000028
"CBConsistencyCoef"=dword:0000000a
"CBCreativityCoef"=dword:0000000a
"CBDecisionsCoef"=dword:00000014
"CBDeterminationCoef"=dword:0000000a
"CBDirtinessCoef"=dword:ffffffec
"CBFlairCoef"=dword:00000000
"CBImportantMatchesCoef"=dword:0000000a
"CBInfluenceCoef"=dword:0000000a
"CBOffTheBallCoef"=dword:0000000a
"CBPositioningCoef"=dword:00000050
"CBTeamworkCoef"=dword:00000028
"CBWorkRateCoef"=dword:00000014
"CBAccelerationCoef"=dword:00000028
"CBAgilityCoef"=dword:0000000a
"CBBalanceCoef"=dword:00000014
"CBInjuryPronenessCoef"=dword:fffffffb
"CBJumpingCoef"=dword:00000064
"CBNaturalFitnessCoef"=dword:00000005
"CBPaceCoef"=dword:0000001e
"CBStaminaCoef"=dword:0000000a
"CBStrengthCoef"=dword:0000003c
"CBVersatilityCoef"=dword:00000005
"CBAerialAbilityCoef"=dword:00000000
"CBCommandOfAreaCoef"=dword:00000000
"CBCommunicationCoef"=dword:00000000
"CBEccentricityCoef"=dword:00000000
"CBHandlingCoef"=dword:00000000
"CBKickingCoef"=dword:00000000
"CBOneOnOnesCoef"=dword:00000005
"CBReflexesCoef"=dword:00000005
"CBRushingOutCoef"=dword:00000000
"CBTendencyToPunchCoef"=dword:00000000
"CBThrowingCoef"=dword:00000000
"CBAdaptabilityCoef"=dword:00000005
"CBAmbitionCoef"=dword:0000000a
"CBControversyCoef"=dword:fffffffb
"CBLoyalityCoef"=dword:00000005
"CBPressureCoef"=dword:00000005
"CBProfessionalismCoef"=dword:00000005
"CBSportsmanshipCoef"=dword:00000005
"CBTemperamentCoef"=dword:00000005
"FBWeightCoef"=dword:00000069
"FBCurrentAbilityCoef"=dword:00000000
"FBCornersCoef"=dword:0000000a
"FBCrossingCoef"=dword:0000001e
"FBDribblingCoef"=dword:00000014
"FBFinishingCoef"=dword:00000000
"FBFirstTouchCoef"=dword:00000014
"FBFreeKicksCoef"=dword:0000000a
"FBHeadingCoef"=dword:0000003c
"FBLongShotsCoef"=dword:0000000a
"FBLongThrowsCoef"=dword:0000000a
"FBMarkingCoef"=dword:0000003c
"FBPassingCoef"=dword:0000001e
"FBPenaltiesCoef"=dword:00000005
"FBTacklingCoef"=dword:00000064
"FBTechniqueCoef"=dword:00000014
"FBLeftFootCoef"=dword:00000005
"FBRightFootCoef"=dword:00000005
"FBAggressionCoef"=dword:0000000f
"FBAnticipationCoef"=dword:00000050
"FBBraveryCoef"=dword:00000014
"FBComposureCoef"=dword:0000000a
"FBConcentrationCoef"=dword:0000001e
"FBConsistencyCoef"=dword:0000000a
"FBCreativityCoef"=dword:0000000a
"FBDecisionsCoef"=dword:00000014
"FBDeterminationCoef"=dword:0000000a
"FBDirtinessCoef"=dword:fffffff6
"FBFlairCoef"=dword:00000005
"FBImportantMatchesCoef"=dword:0000000a
"FBInfluenceCoef"=dword:0000000a
"FBOffTheBallCoef"=dword:00000014
"FBPositioningCoef"=dword:00000064
"FBTeamworkCoef"=dword:00000014
"FBWorkRateCoef"=dword:00000014
"FBAccelerationCoef"=dword:0000003c
"FBAgilityCoef"=dword:0000000a
"FBBalanceCoef"=dword:00000014
"FBInjuryPronenessCoef"=dword:fffffffb
"FBJumpingCoef"=dword:0000003c
"FBNaturalFitnessCoef"=dword:00000005
"FBPaceCoef"=dword:00000050
"FBStaminaCoef"=dword:0000003c
"FBStrengthCoef"=dword:00000028
"FBVersatilityCoef"=dword:00000005
"FBAerialAbilityCoef"=dword:00000000
"FBCommandOfAreaCoef"=dword:00000000
"FBCommunicationCoef"=dword:00000000
"FBEccentricityCoef"=dword:00000000
"FBHandlingCoef"=dword:00000000
"FBKickingCoef"=dword:00000000
"FBOneOnOnesCoef"=dword:00000005
"FBReflexesCoef"=dword:00000005
"FBRushingOutCoef"=dword:00000000
"FBTendencyToPunchCoef"=dword:00000000
"FBThrowingCoef"=dword:00000000
"FBAdaptabilityCoef"=dword:00000005
"FBAmbitionCoef"=dword:0000000a
"FBControversyCoef"=dword:fffffffb
"FBLoyalityCoef"=dword:00000005
"FBPressureCoef"=dword:00000005
"FBProfessionalismCoef"=dword:00000005
"FBSportsmanshipCoef"=dword:00000005
"FBTemperamentCoef"=dword:00000005
"WBWeightCoef"=dword:0000006c
"WBCurrentAbilityCoef"=dword:00000000
"WBCornersCoef"=dword:0000000a
"WBCrossingCoef"=dword:0000003c
"WBDribblingCoef"=dword:00000028
"WBFinishingCoef"=dword:0000000a
"WBFirstTouchCoef"=dword:00000014
"WBFreeKicksCoef"=dword:0000000a
"WBHeadingCoef"=dword:00000028
"WBLongShotsCoef"=dword:00000014
"WBLongThrowsCoef"=dword:0000000a
"WBMarkingCoef"=dword:0000003c
"WBPassingCoef"=dword:00000028
"WBPenaltiesCoef"=dword:00000005
"WBTacklingCoef"=dword:00000064
"WBTechniqueCoef"=dword:00000028
"WBLeftFootCoef"=dword:00000005
"WBRightFootCoef"=dword:00000005
"WBAggressionCoef"=dword:0000000a
"WBAnticipationCoef"=dword:00000050
"WBBraveryCoef"=dword:0000000a
"WBComposureCoef"=dword:0000000a
"WBConcentrationCoef"=dword:00000014
"WBConsistencyCoef"=dword:0000000a
"WBCreativityCoef"=dword:00000014
"WBDecisionsCoef"=dword:00000014
"WBDeterminationCoef"=dword:0000000a
"WBDirtinessCoef"=dword:fffffff6
"WBFlairCoef"=dword:0000000a
"WBImportantMatchesCoef"=dword:0000000a
"WBInfluenceCoef"=dword:0000000a
"WBOffTheBallCoef"=dword:00000014
"WBPositioningCoef"=dword:00000064
"WBTeamworkCoef"=dword:00000014
"WBWorkRateCoef"=dword:00000028
"WBAccelerationCoef"=dword:00000050
"WBAgilityCoef"=dword:0000000a
"WBBalanceCoef"=dword:00000014
"WBInjuryPronenessCoef"=dword:fffffffb
"WBJumpingCoef"=dword:00000014
"WBNaturalFitnessCoef"=dword:00000005
"WBPaceCoef"=dword:00000064
"WBStaminaCoef"=dword:00000050
"WBStrengthCoef"=dword:00000028
"WBVersatilityCoef"=dword:00000005
"WBAerialAbilityCoef"=dword:00000000
"WBCommandOfAreaCoef"=dword:00000000
"WBCommunicationCoef"=dword:00000000
"WBEccentricityCoef"=dword:00000000
"WBHandlingCoef"=dword:00000000
"WBKickingCoef"=dword:00000000
"WBOneOnOnesCoef"=dword:00000005
"WBReflexesCoef"=dword:00000005
"WBRushingOutCoef"=dword:00000000
"WBTendencyToPunchCoef"=dword:00000000
"WBThrowingCoef"=dword:00000000
"WBAdaptabilityCoef"=dword:00000005
"WBAmbitionCoef"=dword:0000000a
"WBControversyCoef"=dword:fffffffb
"WBLoyalityCoef"=dword:00000005
"WBPressureCoef"=dword:00000005
"WBProfessionalismCoef"=dword:00000005
"WBSportsmanshipCoef"=dword:00000005
"WBTemperamentCoef"=dword:00000005
"DMWeightCoef"=dword:00000067
"DMCurrentAbilityCoef"=dword:00000000
"DMCornersCoef"=dword:0000000a
"DMCrossingCoef"=dword:0000001e
"DMDribblingCoef"=dword:00000014
"DMFinishingCoef"=dword:0000000a
"DMFirstTouchCoef"=dword:0000001e
"DMFreeKicksCoef"=dword:0000000a
"DMHeadingCoef"=dword:00000028
"DMLongShotsCoef"=dword:00000014
"DMLongThrowsCoef"=dword:00000005
"DMMarkingCoef"=dword:0000003c
"DMPassingCoef"=dword:00000028
"DMPenaltiesCoef"=dword:00000005
"DMTacklingCoef"=dword:00000064
"DMTechniqueCoef"=dword:0000001e
"DMLeftFootCoef"=dword:00000005
"DMRightFootCoef"=dword:00000005
"DMAggressionCoef"=dword:00000028
"DMAnticipationCoef"=dword:00000028
"DMBraveryCoef"=dword:00000014
"DMComposureCoef"=dword:0000000a
"DMConcentrationCoef"=dword:00000014
"DMConsistencyCoef"=dword:0000000a
"DMCreativityCoef"=dword:00000014
"DMDecisionsCoef"=dword:00000014
"DMDeterminationCoef"=dword:0000000a
"DMDirtinessCoef"=dword:fffffff6
"DMFlairCoef"=dword:0000000a
"DMImportantMatchesCoef"=dword:0000000a
"DMInfluenceCoef"=dword:0000000a
"DMOffTheBallCoef"=dword:0000001e
"DMPositioningCoef"=dword:00000050
"DMTeamworkCoef"=dword:00000028
"DMWorkRateCoef"=dword:00000050
"DMAccelerationCoef"=dword:00000028
"DMAgilityCoef"=dword:0000000a
"DMBalanceCoef"=dword:0000000a
"DMInjuryPronenessCoef"=dword:fffffffb
"DMJumpingCoef"=dword:00000028
"DMNaturalFitnessCoef"=dword:00000005
"DMPaceCoef"=dword:00000028
"DMStaminaCoef"=dword:0000003c
"DMStrengthCoef"=dword:00000028
"DMVersatilityCoef"=dword:00000005
"DMAerialAbilityCoef"=dword:00000000
"DMCommandOfAreaCoef"=dword:00000000
"DMCommunicationCoef"=dword:00000000
"DMEccentricityCoef"=dword:00000000
"DMHandlingCoef"=dword:00000000
"DMKickingCoef"=dword:00000000
"DMOneOnOnesCoef"=dword:00000005
"DMReflexesCoef"=dword:00000005
"DMRushingOutCoef"=dword:00000000
"DMTendencyToPunchCoef"=dword:00000000
"DMThrowingCoef"=dword:00000000
"DMAdaptabilityCoef"=dword:00000005
"DMAmbitionCoef"=dword:0000000a
"DMControversyCoef"=dword:fffffffb
"DMLoyalityCoef"=dword:00000005
"DMPressureCoef"=dword:00000005
"DMProfessionalismCoef"=dword:00000005
"DMSportsmanshipCoef"=dword:00000005
"DMTemperamentCoef"=dword:00000005
"MWeightCoef"=dword:00000068
"MCurrentAbilityCoef"=dword:00000000
"MCornersCoef"=dword:0000000a
"MCrossingCoef"=dword:00000028
"MDribblingCoef"=dword:00000032
"MFinishingCoef"=dword:00000014
"MFirstTouchCoef"=dword:0000001e
"MFreeKicksCoef"=dword:0000000a
"MHeadingCoef"=dword:0000001e
"MLongShotsCoef"=dword:00000014
"MLongThrowsCoef"=dword:00000005
"MMarkingCoef"=dword:00000028
"MPassingCoef"=dword:00000046
"MPenaltiesCoef"=dword:00000005
"MTacklingCoef"=dword:0000003c
"MTechniqueCoef"=dword:00000032
"MLeftFootCoef"=dword:00000005
"MRightFootCoef"=dword:00000005
"MAggressionCoef"=dword:0000001e
"MAnticipationCoef"=dword:00000028
"MBraveryCoef"=dword:0000000a
"MComposureCoef"=dword:0000000a
"MConcentrationCoef"=dword:0000000a
"MConsistencyCoef"=dword:0000000a
"MCreativityCoef"=dword:0000003c
"MDecisionsCoef"=dword:0000001e
"MDeterminationCoef"=dword:0000000a
"MDirtinessCoef"=dword:fffffffb
"MFlairCoef"=dword:0000000a
"MImportantMatchesCoef"=dword:0000000a
"MInfluenceCoef"=dword:0000000a
"MOffTheBallCoef"=dword:00000028
"MPositioningCoef"=dword:00000028
"MTeamworkCoef"=dword:00000032
"MWorkRateCoef"=dword:00000032
"MAccelerationCoef"=dword:00000032
"MAgilityCoef"=dword:0000000a
"MBalanceCoef"=dword:0000000a
"MInjuryPronenessCoef"=dword:fffffffb
"MJumpingCoef"=dword:00000028
"MNaturalFitnessCoef"=dword:00000005
"MPaceCoef"=dword:00000028
"MStaminaCoef"=dword:0000003c
"MStrengthCoef"=dword:0000001e
"MVersatilityCoef"=dword:00000005
"MAerialAbilityCoef"=dword:00000000
"MCommandOfAreaCoef"=dword:00000000
"MCommunicationCoef"=dword:00000000
"MEccentricityCoef"=dword:00000000
"MHandlingCoef"=dword:00000000
"MKickingCoef"=dword:00000000
"MOneOnOnesCoef"=dword:00000005
"MReflexesCoef"=dword:00000005
"MRushingOutCoef"=dword:00000000
"MTendencyToPunchCoef"=dword:00000000
"MThrowingCoef"=dword:00000000
"MAdaptabilityCoef"=dword:00000005
"MAmbitionCoef"=dword:0000000a
"MControversyCoef"=dword:fffffffb
"MLoyalityCoef"=dword:00000005
"MPressureCoef"=dword:00000005
"MProfessionalismCoef"=dword:00000005
"MSportsmanshipCoef"=dword:00000005
"MTemperamentCoef"=dword:00000005
"AMWeightCoef"=dword:00000068
"AMCurrentAbilityCoef"=dword:00000000
"AMCornersCoef"=dword:0000000a
"AMCrossingCoef"=dword:0000003c
"AMDribblingCoef"=dword:00000050
"AMFinishingCoef"=dword:00000028
"AMFirstTouchCoef"=dword:0000001e
"AMFreeKicksCoef"=dword:0000000a
"AMHeadingCoef"=dword:00000014
"AMLongShotsCoef"=dword:00000014
"AMLongThrowsCoef"=dword:00000005
"AMMarkingCoef"=dword:0000000a
"AMPassingCoef"=dword:00000064
"AMPenaltiesCoef"=dword:00000005
"AMTacklingCoef"=dword:0000000a
"AMTechniqueCoef"=dword:00000050
"AMLeftFootCoef"=dword:00000005
"AMRightFootCoef"=dword:00000005
"AMAggressionCoef"=dword:0000000a
"AMAnticipationCoef"=dword:0000001e
"AMBraveryCoef"=dword:0000000a
"AMComposureCoef"=dword:0000000a
"AMConcentrationCoef"=dword:0000000a
"AMConsistencyCoef"=dword:0000000a
"AMCreativityCoef"=dword:00000064
"AMDecisionsCoef"=dword:00000028
"AMDeterminationCoef"=dword:0000000a
"AMDirtinessCoef"=dword:fffffffb
"AMFlairCoef"=dword:00000014
"AMImportantMatchesCoef"=dword:0000000a
"AMInfluenceCoef"=dword:0000000a
"AMOffTheBallCoef"=dword:0000003c
"AMPositioningCoef"=dword:00000014
"AMTeamworkCoef"=dword:0000003c
"AMWorkRateCoef"=dword:00000014
"AMAccelerationCoef"=dword:0000003c
"AMAgilityCoef"=dword:0000000a
"AMBalanceCoef"=dword:0000000a
"AMInjuryPronenessCoef"=dword:fffffffb
"AMJumpingCoef"=dword:00000014
"AMNaturalFitnessCoef"=dword:00000005
"AMPaceCoef"=dword:0000003c
"AMStaminaCoef"=dword:0000003c
"AMStrengthCoef"=dword:00000014
"AMVersatilityCoef"=dword:00000005
"AMAerialAbilityCoef"=dword:00000000
"AMCommandOfAreaCoef"=dword:00000000
"AMCommunicationCoef"=dword:00000000
"AMEccentricityCoef"=dword:00000000
"AMHandlingCoef"=dword:00000000
"AMKickingCoef"=dword:00000000
"AMOneOnOnesCoef"=dword:00000005
"AMReflexesCoef"=dword:00000005
"AMRushingOutCoef"=dword:00000000
"AMTendencyToPunchCoef"=dword:00000000
"AMThrowingCoef"=dword:00000000
"AMAdaptabilityCoef"=dword:00000005
"AMAmbitionCoef"=dword:0000000a
"AMControversyCoef"=dword:fffffffb
"AMLoyalityCoef"=dword:00000005
"AMPressureCoef"=dword:00000005
"AMProfessionalismCoef"=dword:00000005
"AMSportsmanshipCoef"=dword:00000005
"AMTemperamentCoef"=dword:00000005
"WWeightCoef"=dword:00000069
"WCurrentAbilityCoef"=dword:00000000
"WCornersCoef"=dword:0000000a
"WCrossingCoef"=dword:00000064
"WDribblingCoef"=dword:00000064
"WFinishingCoef"=dword:0000003c
"WFirstTouchCoef"=dword:0000001e
"WFreeKicksCoef"=dword:0000000a
"WHeadingCoef"=dword:00000014
"WLongShotsCoef"=dword:00000014
"WLongThrowsCoef"=dword:00000005
"WMarkingCoef"=dword:0000000a
"WPassingCoef"=dword:0000003c
"WPenaltiesCoef"=dword:00000005
"WTacklingCoef"=dword:0000000a
"WTechniqueCoef"=dword:00000050
"WLeftFootCoef"=dword:00000005
"WRightFootCoef"=dword:00000005
"WAggressionCoef"=dword:0000000a
"WAnticipationCoef"=dword:00000014
"WBraveryCoef"=dword:0000000a
"WComposureCoef"=dword:0000000a
"WConcentrationCoef"=dword:0000000a
"WConsistencyCoef"=dword:0000000a
"WCreativityCoef"=dword:0000003c
"WDecisionsCoef"=dword:00000014
"WDeterminationCoef"=dword:0000000a
"WDirtinessCoef"=dword:fffffffb
"WFlairCoef"=dword:0000000a
"WImportantMatchesCoef"=dword:00000014
"WInfluenceCoef"=dword:0000000a
"WOffTheBallCoef"=dword:0000003c
"WPositioningCoef"=dword:00000014
"WTeamworkCoef"=dword:0000001e
"WWorkRateCoef"=dword:0000001e
"WAccelerationCoef"=dword:00000050
"WAgilityCoef"=dword:00000014
"WBalanceCoef"=dword:0000000a
"WInjuryPronenessCoef"=dword:fffffffb
"WJumpingCoef"=dword:00000014
"WNaturalFitnessCoef"=dword:00000005
"WPaceCoef"=dword:00000064
"WStaminaCoef"=dword:0000003c
"WStrengthCoef"=dword:00000014
"WVersatilityCoef"=dword:00000005
"WAerialAbilityCoef"=dword:00000000
"WCommandOfAreaCoef"=dword:00000000
"WCommunicationCoef"=dword:00000000
"WEccentricityCoef"=dword:00000000
"WHandlingCoef"=dword:00000000
"WKickingCoef"=dword:00000000
"WOneOnOnesCoef"=dword:00000005
"WReflexesCoef"=dword:00000005
"WRushingOutCoef"=dword:00000000
"WTendencyToPunchCoef"=dword:00000000
"WThrowingCoef"=dword:00000000
"WAdaptabilityCoef"=dword:00000005
"WAmbitionCoef"=dword:0000000a
"WControversyCoef"=dword:fffffffb
"WLoyalityCoef"=dword:00000005
"WPressureCoef"=dword:00000005
"WProfessionalismCoef"=dword:00000005
"WSportsmanshipCoef"=dword:00000005
"WTemperamentCoef"=dword:00000005
"FSTWeightCoef"=dword:00000067
"FSTCurrentAbilityCoef"=dword:00000000
"FSTCornersCoef"=dword:0000000a
"FSTCrossingCoef"=dword:0000000a
"FSTDribblingCoef"=dword:00000050
"FSTFinishingCoef"=dword:00000064
"FSTFirstTouchCoef"=dword:00000028
"FSTFreeKicksCoef"=dword:0000000a
"FSTHeadingCoef"=dword:00000028
"FSTLongShotsCoef"=dword:00000014
"FSTLongThrowsCoef"=dword:00000000
"FSTMarkingCoef"=dword:00000000
"FSTPassingCoef"=dword:00000028
"FSTPenaltiesCoef"=dword:00000005
"FSTTacklingCoef"=dword:00000000
"FSTTechniqueCoef"=dword:00000050
"FSTLeftFootCoef"=dword:00000005
"FSTRightFootCoef"=dword:00000005
"FSTAggressionCoef"=dword:0000000a
"FSTAnticipationCoef"=dword:0000000a
"FSTBraveryCoef"=dword:0000000a
"FSTComposureCoef"=dword:0000000a
"FSTConcentrationCoef"=dword:0000000a
"FSTConsistencyCoef"=dword:0000000a
"FSTCreativityCoef"=dword:00000028
"FSTDecisionsCoef"=dword:0000000a
"FSTDeterminationCoef"=dword:0000000a
"FSTDirtinessCoef"=dword:fffffffb
"FSTFlairCoef"=dword:0000000a
"FSTImportantMatchesCoef"=dword:0000000a
"FSTInfluenceCoef"=dword:0000000a
"FSTOffTheBallCoef"=dword:00000050
"FSTPositioningCoef"=dword:0000000a
"FSTTeamworkCoef"=dword:0000000a
"FSTWorkRateCoef"=dword:0000000a
"FSTAccelerationCoef"=dword:00000064
"FSTAgilityCoef"=dword:00000028
"FSTBalanceCoef"=dword:0000000a
"FSTInjuryPronenessCoef"=dword:fffffffb
"FSTJumpingCoef"=dword:00000014
"FSTNaturalFitnessCoef"=dword:00000005
"FSTPaceCoef"=dword:00000064
"FSTStaminaCoef"=dword:00000028
"FSTStrengthCoef"=dword:00000014
"FSTVersatilityCoef"=dword:00000005
"FSTAerialAbilityCoef"=dword:00000000
"FSTCommandOfAreaCoef"=dword:00000000
"FSTCommunicationCoef"=dword:00000000
"FSTEccentricityCoef"=dword:00000000
"FSTHandlingCoef"=dword:00000000
"FSTKickingCoef"=dword:00000000
"FSTOneOnOnesCoef"=dword:00000005
"FSTReflexesCoef"=dword:00000005
"FSTRushingOutCoef"=dword:00000000
"FSTTendencyToPunchCoef"=dword:00000000
"FSTThrowingCoef"=dword:00000000
"FSTAdaptabilityCoef"=dword:00000005
"FSTAmbitionCoef"=dword:0000000a
"FSTControversyCoef"=dword:fffffffb
"FSTLoyalityCoef"=dword:00000005
"FSTPressureCoef"=dword:00000005
"FSTProfessionalismCoef"=dword:00000005
"FSTSportsmanshipCoef"=dword:00000005
"FSTTemperamentCoef"=dword:00000005
"TSTWeightCoef"=dword:00000067
"TSTCurrentAbilityCoef"=dword:00000000
"TSTCornersCoef"=dword:00000000
"TSTCrossingCoef"=dword:0000000a
"TSTDribblingCoef"=dword:0000003c
"TSTFinishingCoef"=dword:00000050
"TSTFirstTouchCoef"=dword:0000001e
"TSTFreeKicksCoef"=dword:0000000a
"TSTHeadingCoef"=dword:00000064
"TSTLongShotsCoef"=dword:00000014
"TSTLongThrowsCoef"=dword:00000000
"TSTMarkingCoef"=dword:00000000
"TSTPassingCoef"=dword:00000028
"TSTPenaltiesCoef"=dword:00000005
"TSTTacklingCoef"=dword:00000000
"TSTTechniqueCoef"=dword:00000028
"TSTLeftFootCoef"=dword:00000005
"TSTRightFootCoef"=dword:00000005
"TSTAggressionCoef"=dword:00000014
"TSTAnticipationCoef"=dword:0000000a
"TSTBraveryCoef"=dword:00000014
"TSTComposureCoef"=dword:0000000a
"TSTConcentrationCoef"=dword:0000000a
"TSTConsistencyCoef"=dword:0000000a
"TSTCreativityCoef"=dword:00000014
"TSTDecisionsCoef"=dword:0000000a
"TSTDeterminationCoef"=dword:0000000a
"TSTDirtinessCoef"=dword:fffffffb
"TSTFlairCoef"=dword:0000000a
"TSTImportantMatchesCoef"=dword:0000000a
"TSTInfluenceCoef"=dword:0000000a
"TSTOffTheBallCoef"=dword:00000050
"TSTPositioningCoef"=dword:00000014
"TSTTeamworkCoef"=dword:0000000a
"TSTWorkRateCoef"=dword:0000000a
"TSTAccelerationCoef"=dword:00000028
"TSTAgilityCoef"=dword:00000014
"TSTBalanceCoef"=dword:00000014
"TSTInjuryPronenessCoef"=dword:fffffffb
"TSTJumpingCoef"=dword:00000064
"TSTNaturalFitnessCoef"=dword:00000005
"TSTPaceCoef"=dword:00000028
"TSTStaminaCoef"=dword:00000014
"TSTStrengthCoef"=dword:00000050
"TSTVersatilityCoef"=dword:00000005
"TSTAerialAbilityCoef"=dword:00000000
"TSTCommandOfAreaCoef"=dword:00000000
"TSTCommunicationCoef"=dword:00000000
"TSTEccentricityCoef"=dword:00000000
"TSTHandlingCoef"=dword:00000000
"TSTKickingCoef"=dword:00000000
"TSTOneOnOnesCoef"=dword:00000005
"TSTReflexesCoef"=dword:00000005
"TSTRushingOutCoef"=dword:00000000
"TSTTendencyToPunchCoef"=dword:00000000
"TSTThrowingCoef"=dword:00000000
"TSTAdaptabilityCoef"=dword:00000005
"TSTAmbitionCoef"=dword:0000000a
"TSTControversyCoef"=dword:fffffffb
"TSTLoyalityCoef"=dword:00000005
"TSTPressureCoef"=dword:00000005
"TSTProfessionalismCoef"=dword:00000005
"TSTSportsmanshipCoef"=dword:00000005
"TSTTemperamentCoef"=dword:00000005
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\Compaq_Owner\\My Documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Compaq_Owner\\My Documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Compaq_Owner\\My Documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Documents and Settings\\Compaq_Owner\\Desktop\\fm_genie_scout_2009_xe\\FM Genie Scout 2009 XE\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000032
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000067
"UniqueID"="94-0E50-44BF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"GraphStep"=dword:00000000
.
[HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\SecuROM\License information*]
"datasecu"=hex:7e,a9,52,34,a3,16,49,63,a4,6d,a8,f4,7f,76,57,ae,6c,ac,d1,9a,ee,
01,2e,b2,1b,51,64,2a,1e,48,b9,b4,a5,96,5b,74,e5,5f,b0,04,8d,5c,2a,fe,aa,e5,\
"rkeysecu"=hex:ea,b5,0e,05,8d,5f,99,06,e2,97,8c,9d,0d,82,c7,39
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):33,60,2a,b1,51,6b,d4,5f,e5,4a,bf,b4,30,bf,04,ca,00,00,0e,46,88,
93,21,ee,61,7f,7c,6f,31,4e,65,0a,2d,a3,ca,0e,e1,dd,bb,e6,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f3cbcafc-5054-4b83-9d95-5da5ccb83342}]
@Denied: (Full) (Everyone)
"Model"=dword:00000055
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1400)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(1808)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\System32\snmp.exe
c:\windows\SOUNDMAN.EXE
c:\windows\ALCWZRD.EXE
c:\windows\AGRSMMSG.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2012-11-20 13:19:48 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-20 13:10
ComboFix2.txt 2012-10-26 05:06
ComboFix3.txt 2010-12-28 10:16
.
Pre-Run: 97,690,824,704 bytes free
Post-Run: 97,666,146,304 bytes free
.
- - End Of File - - 47F08FC6836C9E42BD710B4B35CA6D4A
  • 0

#35
Nedklaw
Posted 23 November 2012 - 05:21 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Are there any other systems using the same router that are having the same problems?


Step 1

Run TDSSKiller using the same instructions as before.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Things I want to see in your next reply

  • Answer to my question
  • TDSSKiller.[Version]_[Date]_[Time]_log.txt
  • 0

#36
younggeeza
Posted 24 November 2012 - 05:58 AM

younggeeza

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
All of the computers in the house use the same router and my pc is the only one with it. Doesn't look like TDSS found anything new. I had all the boxes ticked for my scan.

11:52:39.0000 3004 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
11:52:39.0078 3004 ============================================================
11:52:39.0078 3004 Current date / time: 2012/11/24 11:52:39.0078
11:52:39.0078 3004 SystemInfo:
11:52:39.0078 3004
11:52:39.0078 3004 OS Version: 5.1.2600 ServicePack: 3.0
11:52:39.0078 3004 Product type: Workstation
11:52:39.0093 3004 ComputerName: SILVER-LIGHTNIN
11:52:39.0093 3004 UserName: Compaq_Owner
11:52:39.0093 3004 Windows directory: C:\WINDOWS
11:52:39.0093 3004 System windows directory: C:\WINDOWS
11:52:39.0093 3004 Processor architecture: Intel x86
11:52:39.0093 3004 Number of processors: 2
11:52:39.0093 3004 Page size: 0x1000
11:52:39.0093 3004 Boot type: Normal boot
11:52:39.0093 3004 ============================================================
11:52:39.0921 3004 BG loaded
11:52:40.0250 3004 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
11:52:40.0375 3004 Drive \Device\Harddisk5\DR7 - Size: 0xEF0000000 (59.75 Gb), SectorSize: 0x200, Cylinders: 0x1E77, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:52:40.0375 3004 ============================================================
11:52:40.0375 3004 \Device\Harddisk0\DR0:
11:52:40.0375 3004 MBR partitions:
11:52:40.0375 3004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7E32F1
11:52:40.0375 3004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7E3330, BlocksNum 0x1C9DD390
11:52:40.0375 3004 \Device\Harddisk5\DR7:
11:52:40.0375 3004 MBR partitions:
11:52:40.0375 3004 ============================================================
11:52:40.0421 3004 C: <-> \Device\Harddisk0\DR0\Partition2
11:52:40.0421 3004 D: <-> \Device\Harddisk0\DR0\Partition1
11:52:40.0421 3004 ============================================================
11:52:40.0421 3004 Initialize success
11:52:40.0421 3004 ============================================================
11:52:47.0046 3236 ============================================================
11:52:47.0046 3236 Scan started
11:52:47.0046 3236 Mode: Manual; SigCheck; TDLFS;
11:52:47.0046 3236 ============================================================
11:52:47.0281 3236 ================ Scan system memory ========================
11:52:47.0281 3236 System memory - ok
11:52:47.0281 3236 ================ Scan services =============================
11:52:47.0390 3236 Abiosdsk - ok
11:52:47.0390 3236 abp480n5 - ok
11:52:47.0421 3236 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:52:47.0859 3236 ACPI - ok
11:52:47.0890 3236 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:52:48.0015 3236 ACPIEC - ok
11:52:48.0031 3236 [ B05F2367F62552A2DE7E3C352B7B9885 ] ADM8511 C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
11:52:48.0093 3236 ADM8511 - ok
11:52:48.0093 3236 adpu160m - ok
11:52:48.0125 3236 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:52:48.0250 3236 aec - ok
11:52:48.0281 3236 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
11:52:48.0296 3236 AegisP ( UnsignedFile.Multi.Generic ) - warning
11:52:48.0296 3236 AegisP - detected UnsignedFile.Multi.Generic (1)
11:52:48.0328 3236 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:52:48.0359 3236 AFD - ok
11:52:48.0421 3236 [ 994A42D273C35B43EE9D1E8A5D8BC639 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
11:52:48.0718 3236 AgereSoftModem - ok
11:52:48.0734 3236 Aha154x - ok
11:52:48.0750 3236 aic78u2 - ok
11:52:48.0750 3236 aic78xx - ok
11:52:48.0781 3236 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:52:48.0906 3236 Alerter - ok
11:52:48.0921 3236 AliIde - ok
11:52:48.0937 3236 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
11:52:49.0078 3236 AmdK7 - ok
11:52:49.0093 3236 amsint - ok
11:52:49.0156 3236 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
11:52:49.0187 3236 Apple Mobile Device - ok
11:52:49.0203 3236 AppMgmt - ok
11:52:49.0203 3236 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:52:49.0343 3236 Arp1394 - ok
11:52:49.0343 3236 asc - ok
11:52:49.0359 3236 asc3350p - ok
11:52:49.0359 3236 asc3550 - ok
11:52:49.0453 3236 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:52:49.0468 3236 aspnet_state - ok
11:52:49.0500 3236 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:52:49.0625 3236 AsyncMac - ok
11:52:49.0656 3236 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:52:49.0796 3236 atapi - ok
11:52:49.0796 3236 Atdisk - ok
11:52:49.0828 3236 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:52:49.0937 3236 Atmarpc - ok
11:52:49.0968 3236 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:52:50.0109 3236 AudioSrv - ok
11:52:50.0140 3236 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:52:50.0265 3236 audstub - ok
11:52:50.0296 3236 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:52:50.0437 3236 Beep - ok
11:52:50.0500 3236 [ 8A0B7BD7947F769C2D87F795BC97E766 ] BHDrvx86 C:\WINDOWS\system32\drivers\N360\0300000.087\BHDrvx86.sys
11:52:50.0531 3236 BHDrvx86 - ok
11:52:50.0562 3236 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
11:52:50.0718 3236 BITS - ok
11:52:50.0750 3236 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:52:50.0781 3236 Bonjour Service - ok
11:52:50.0843 3236 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys
11:52:51.0000 3236 Bridge - ok
11:52:51.0000 3236 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys
11:52:51.0187 3236 BridgeMP - ok
11:52:51.0234 3236 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
11:52:51.0281 3236 Browser - ok
11:52:51.0296 3236 catchme - ok
11:52:51.0312 3236 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:52:51.0500 3236 cbidf2k - ok
11:52:51.0515 3236 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:52:51.0703 3236 CCDECODE - ok
11:52:51.0750 3236 [ 7652F4E64C389B80AC6282339E5FA386 ] ccHP C:\WINDOWS\system32\drivers\N360\0300000.087\ccHPx86.sys
11:52:52.0125 3236 ccHP - ok
11:52:52.0125 3236 cd20xrnt - ok
11:52:52.0156 3236 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:52:52.0343 3236 Cdaudio - ok
11:52:52.0359 3236 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:52:52.0500 3236 Cdfs - ok
11:52:52.0515 3236 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:52:52.0656 3236 Cdrom - ok
11:52:52.0656 3236 Changer - ok
11:52:52.0687 3236 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\WINDOWS\system32\cisvc.exe
11:52:52.0828 3236 cisvc - ok
11:52:52.0843 3236 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:52:52.0984 3236 ClipSrv - ok
11:52:53.0031 3236 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:52:53.0062 3236 clr_optimization_v2.0.50727_32 - ok
11:52:53.0093 3236 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:52:53.0125 3236 clr_optimization_v4.0.30319_32 - ok
11:52:53.0125 3236 CmdIde - ok
11:52:53.0140 3236 COMSysApp - ok
11:52:53.0140 3236 Cpqarray - ok
11:52:53.0187 3236 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:52:53.0312 3236 CryptSvc - ok
11:52:53.0375 3236 [ A5E67327B49E1F4341D470D8BBCBC401 ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys
11:52:53.0406 3236 ctac32k ( UnsignedFile.Multi.Generic ) - warning
11:52:53.0406 3236 ctac32k - detected UnsignedFile.Multi.Generic (1)
11:52:53.0437 3236 [ 29F78D59B053CB8778F8426E4E24099C ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys
11:52:56.0562 3236 ctdvda2k ( UnsignedFile.Multi.Generic ) - warning
11:52:56.0562 3236 ctdvda2k - detected UnsignedFile.Multi.Generic (1)
11:52:56.0609 3236 [ C7FC5D87B06207A5D34697B627826618 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys
11:52:56.0718 3236 ctprxy2k ( UnsignedFile.Multi.Generic ) - warning
11:52:56.0718 3236 ctprxy2k - detected UnsignedFile.Multi.Generic (1)
11:52:56.0750 3236 [ 2C0AF71CF0E1224A2DFC2B67E63B02B1 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys
11:52:56.0812 3236 ctsfm2k ( UnsignedFile.Multi.Generic ) - warning
11:52:56.0828 3236 ctsfm2k - detected UnsignedFile.Multi.Generic (1)
11:52:56.0828 3236 dac2w2k - ok
11:52:56.0828 3236 dac960nt - ok
11:52:56.0937 3236 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:52:57.0000 3236 DcomLaunch - ok
11:52:57.0031 3236 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:52:57.0171 3236 Dhcp - ok
11:52:57.0187 3236 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:52:57.0343 3236 Disk - ok
11:52:57.0343 3236 dmadmin - ok
11:52:57.0406 3236 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:52:57.0593 3236 dmboot - ok
11:52:57.0609 3236 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:52:57.0750 3236 dmio - ok
11:52:57.0765 3236 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:52:57.0906 3236 dmload - ok
11:52:57.0921 3236 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:52:58.0046 3236 dmserver - ok
11:52:58.0062 3236 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:52:58.0203 3236 DMusic - ok
11:52:58.0234 3236 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:52:58.0250 3236 Dnscache - ok
11:52:58.0281 3236 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:52:58.0421 3236 Dot3svc - ok
11:52:58.0437 3236 dpti2o - ok
11:52:58.0468 3236 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:52:58.0593 3236 drmkaud - ok
11:52:58.0593 3236 EagleXNt - ok
11:52:58.0609 3236 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:52:58.0750 3236 EapHost - ok
11:52:58.0843 3236 [ 70AEAC5D481B2904B40F2173E280B1B5 ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
11:52:58.0953 3236 eeCtrl - ok
11:52:58.0968 3236 EL90XBC - ok
11:52:58.0984 3236 [ 091D37E0F5193F708C9006B1F2E23EE4 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys
11:52:59.0015 3236 emupia ( UnsignedFile.Multi.Generic ) - warning
11:52:59.0015 3236 emupia - detected UnsignedFile.Multi.Generic (1)
11:52:59.0031 3236 [ 00BD6FC4A873D3341DCF9AEF2D3C841E ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:52:59.0062 3236 EraserUtilRebootDrv - ok
11:52:59.0093 3236 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:52:59.0234 3236 ERSvc - ok
11:52:59.0250 3236 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
11:52:59.0296 3236 Eventlog - ok
11:52:59.0328 3236 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
11:52:59.0359 3236 EventSystem - ok
11:52:59.0375 3236 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:52:59.0515 3236 Fastfat - ok
11:52:59.0546 3236 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:52:59.0578 3236 FastUserSwitchingCompatibility - ok
11:52:59.0609 3236 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
11:52:59.0765 3236 Fax - ok
11:52:59.0781 3236 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:52:59.0906 3236 Fdc - ok
11:52:59.0937 3236 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:53:00.0078 3236 Fips - ok
11:53:00.0093 3236 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:53:00.0218 3236 Flpydisk - ok
11:53:00.0234 3236 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:53:00.0375 3236 FltMgr - ok
11:53:00.0437 3236 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:53:00.0468 3236 FontCache3.0.0.0 - ok
11:53:00.0484 3236 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:53:00.0625 3236 Fs_Rec - ok
11:53:00.0640 3236 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:53:00.0796 3236 Ftdisk - ok
11:53:00.0812 3236 [ DF6E37B27A9A1A498C6D9F29995B7A03 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:53:00.0859 3236 GEARAspiWDM - ok
11:53:00.0890 3236 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:53:01.0015 3236 Gpc - ok
11:53:01.0062 3236 [ 1AD88BCF3D043BAA58C15EB262625F9B ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys
11:53:01.0125 3236 ha10kx2k ( UnsignedFile.Multi.Generic ) - warning
11:53:01.0125 3236 ha10kx2k - detected UnsignedFile.Multi.Generic (1)
11:53:01.0156 3236 [ 8FF42F63C722A1DD4C91FF6A497FD6B2 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys
11:53:01.0187 3236 hap16v2k ( UnsignedFile.Multi.Generic ) - warning
11:53:01.0187 3236 hap16v2k - detected UnsignedFile.Multi.Generic (1)
11:53:01.0234 3236 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:53:01.0359 3236 HDAudBus - ok
11:53:01.0421 3236 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:53:01.0546 3236 helpsvc - ok
11:53:01.0562 3236 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
11:53:01.0703 3236 HidServ - ok
11:53:01.0734 3236 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:53:01.0875 3236 HidUsb - ok
11:53:01.0890 3236 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:53:02.0031 3236 hkmsvc - ok
11:53:02.0046 3236 hpn - ok
11:53:02.0078 3236 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:53:02.0140 3236 HTTP - ok
11:53:02.0156 3236 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:53:02.0296 3236 HTTPFilter - ok
11:53:02.0312 3236 i2omgmt - ok
11:53:02.0312 3236 i2omp - ok
11:53:02.0343 3236 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:53:02.0484 3236 i8042prt - ok
11:53:02.0531 3236 [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:53:02.0609 3236 ialm - ok
11:53:02.0656 3236 [ 737BC720D7019ABE8380E0C35869A4F4 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:53:02.0703 3236 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:53:02.0703 3236 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:53:02.0765 3236 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:53:02.0828 3236 idsvc - ok
11:53:02.0921 3236 [ 06609EFAC69823108456C53D7E0D55F9 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.sys
11:53:02.0968 3236 IDSxpx86 - ok
11:53:02.0984 3236 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:53:03.0125 3236 Imapi - ok
11:53:03.0187 3236 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:53:03.0328 3236 ImapiService - ok
11:53:03.0343 3236 ini910u - ok
11:53:03.0421 3236 [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:53:03.0531 3236 IntcAzAudAddService - ok
11:53:03.0562 3236 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:53:03.0687 3236 IntelIde - ok
11:53:03.0703 3236 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:53:03.0828 3236 intelppm - ok
11:53:03.0859 3236 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:53:03.0984 3236 Ip6Fw - ok
11:53:04.0015 3236 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:53:04.0156 3236 IpFilterDriver - ok
11:53:04.0171 3236 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:53:04.0296 3236 IpInIp - ok
11:53:04.0312 3236 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:53:04.0453 3236 IpNat - ok
11:53:04.0500 3236 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:53:04.0531 3236 iPod Service - ok
11:53:04.0546 3236 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:53:04.0687 3236 IPSec - ok
11:53:04.0718 3236 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:53:04.0859 3236 IRENUM - ok
11:53:04.0875 3236 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:53:05.0015 3236 isapnp - ok
11:53:05.0046 3236 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
11:53:05.0078 3236 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
11:53:05.0078 3236 Iviaspi - detected UnsignedFile.Multi.Generic (1)
11:53:05.0140 3236 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
11:53:05.0187 3236 JavaQuickStarterService - ok
11:53:05.0218 3236 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:53:05.0343 3236 Kbdclass - ok
11:53:05.0359 3236 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:53:05.0484 3236 kbdhid - ok
11:53:05.0500 3236 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:53:05.0640 3236 kmixer - ok
11:53:05.0671 3236 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:53:05.0718 3236 KSecDD - ok
11:53:05.0734 3236 [ DC61F15187372D164769C841655E58F3 ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
11:53:05.0765 3236 L8042Kbd - ok
11:53:05.0781 3236 [ CB6E007D3A67CB80EE9DF2AFD4B0FC9D ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
11:53:05.0812 3236 L8042mou - ok
11:53:05.0843 3236 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:53:05.0890 3236 lanmanserver - ok
11:53:05.0906 3236 [ A8888A5327621856C0CEC4E385F69309 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:53:05.0953 3236 LanmanWorkstation - ok
11:53:05.0968 3236 [ BE2DC24D403643A2D1D98F33C7087B38 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
11:53:06.0000 3236 LBeepKE - ok
11:53:06.0000 3236 lbrtfdc - ok
11:53:06.0062 3236 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
11:53:06.0109 3236 LBTServ - ok
11:53:06.0140 3236 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
11:53:06.0171 3236 LHidFilt - ok
11:53:06.0203 3236 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:53:06.0343 3236 LmHosts - ok
11:53:06.0359 3236 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
11:53:06.0390 3236 LMouFilt - ok
11:53:06.0421 3236 [ 58597A99792461E89BB5C44E17508D70 ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
11:53:06.0437 3236 LMouKE - ok
11:53:06.0453 3236 [ 0DEC219CB6EFCBC872F88F9AEC320EA6 ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
11:53:06.0500 3236 LUsbFilt - ok
11:53:06.0531 3236 [ B7CA8CC3F978201856B6AB82F40953C3 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:53:06.0546 3236 MBAMProtector - ok
11:53:06.0593 3236 [ 056B19651BD7B7CE5F89A3AC46DBDC08 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:53:06.0656 3236 MBAMService - ok
11:53:06.0687 3236 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:53:06.0812 3236 Messenger - ok
11:53:06.0875 3236 Micorsoft Windows Service - ok
11:53:06.0921 3236 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
11:53:06.0968 3236 Microsoft Office Groove Audit Service - ok
11:53:07.0000 3236 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:53:07.0140 3236 mnmdd - ok
11:53:07.0187 3236 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:53:07.0328 3236 mnmsrvc - ok
11:53:07.0359 3236 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:53:07.0500 3236 Modem - ok
11:53:07.0515 3236 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:53:07.0671 3236 Mouclass - ok
11:53:07.0687 3236 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:53:07.0843 3236 mouhid - ok
11:53:07.0859 3236 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:53:08.0000 3236 MountMgr - ok
11:53:08.0031 3236 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:53:08.0078 3236 MozillaMaintenance - ok
11:53:08.0078 3236 mraid35x - ok
11:53:08.0093 3236 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:53:08.0234 3236 MRxDAV - ok
11:53:08.0265 3236 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:53:08.0343 3236 MRxSmb - ok
11:53:08.0359 3236 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:53:08.0484 3236 MSDTC - ok
11:53:08.0500 3236 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:53:08.0640 3236 Msfs - ok
11:53:08.0640 3236 MSIServer - ok
11:53:08.0656 3236 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:53:08.0781 3236 MSKSSRV - ok
11:53:08.0796 3236 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:53:08.0921 3236 MSPCLOCK - ok
11:53:08.0968 3236 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:53:09.0125 3236 MSPQM - ok
11:53:09.0140 3236 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:53:09.0281 3236 mssmbios - ok
11:53:09.0296 3236 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:53:09.0437 3236 MSTEE - ok
11:53:09.0468 3236 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:53:09.0500 3236 Mup - ok
11:53:09.0562 3236 [ 1CD241289BB4D4E357DFF21B4DADA5EE ] N360 C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
11:53:09.0593 3236 N360 - ok
11:53:09.0609 3236 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:53:09.0750 3236 NABTSFEC - ok
11:53:09.0765 3236 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:53:09.0906 3236 napagent - ok
11:53:09.0937 3236 [ 494C4EBFEE40BAAFF49492B97ABAF18C ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVENG.SYS
11:53:09.0968 3236 NAVENG - ok
11:53:10.0015 3236 [ F4A95D6D20767A5F1F2B2FED261A1B23 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVEX15.SYS
11:53:10.0046 3236 NAVEX15 - ok
11:53:10.0078 3236 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:53:10.0218 3236 NDIS - ok
11:53:10.0234 3236 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:53:10.0375 3236 NdisIP - ok
11:53:10.0406 3236 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:53:10.0421 3236 NdisTapi - ok
11:53:10.0437 3236 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:53:10.0593 3236 Ndisuio - ok
11:53:10.0609 3236 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:53:10.0734 3236 NdisWan - ok
11:53:10.0765 3236 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:53:10.0796 3236 NDProxy - ok
11:53:10.0812 3236 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:53:10.0937 3236 NetBIOS - ok
11:53:10.0953 3236 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:53:11.0109 3236 NetBT - ok
11:53:11.0125 3236 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
11:53:11.0265 3236 NetDDE - ok
11:53:11.0281 3236 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:53:11.0406 3236 NetDDEdsdm - ok
11:53:11.0437 3236 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:53:11.0562 3236 Netlogon - ok
11:53:11.0593 3236 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
11:53:11.0750 3236 Netman - ok
11:53:11.0765 3236 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:53:11.0796 3236 NetTcpPortSharing - ok
11:53:11.0812 3236 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:53:11.0953 3236 NIC1394 - ok
11:53:11.0984 3236 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
11:53:12.0031 3236 Nla - ok
11:53:12.0062 3236 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
11:53:12.0187 3236 nm - ok
11:53:12.0218 3236 [ B4E87D4F40C57D036E821BD06DB1D1B7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
11:53:12.0281 3236 nmwcd - ok
11:53:12.0312 3236 [ BEE0ADDF01D62725DDC2CC113D6B374C ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
11:53:12.0375 3236 nmwcdc - ok
11:53:12.0406 3236 [ 6623E51595C0076755C29C00846C4EB2 ] NPF C:\WINDOWS\system32\drivers\npf.sys
11:53:12.0437 3236 NPF - ok
11:53:12.0453 3236 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:53:12.0593 3236 Npfs - ok
11:53:12.0625 3236 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:53:12.0781 3236 Ntfs - ok
11:53:12.0796 3236 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
11:53:12.0921 3236 NtLmSsp - ok
11:53:12.0968 3236 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:53:13.0125 3236 NtmsSvc - ok
11:53:13.0156 3236 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
11:53:13.0187 3236 NuidFltr - ok
11:53:13.0203 3236 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:53:13.0343 3236 Null - ok
11:53:13.0515 3236 [ 9E143FB3EF13B7EC1C1DD06529DEBADD ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:53:13.0750 3236 nv - ok
11:53:13.0781 3236 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:53:13.0921 3236 NwlnkFlt - ok
11:53:13.0937 3236 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:53:14.0078 3236 NwlnkFwd - ok
11:53:14.0140 3236 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:53:14.0187 3236 odserv - ok
11:53:14.0218 3236 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:53:14.0343 3236 ohci1394 - ok
11:53:14.0375 3236 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:53:14.0406 3236 ose - ok
11:53:14.0421 3236 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:53:14.0562 3236 Parport - ok
11:53:14.0562 3236 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:53:14.0687 3236 PartMgr - ok
11:53:14.0718 3236 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:53:14.0859 3236 ParVdm - ok
11:53:14.0890 3236 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
11:53:14.0921 3236 pccsmcfd - ok
11:53:14.0937 3236 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:53:15.0062 3236 PCI - ok
11:53:15.0062 3236 PCIDump - ok
11:53:15.0078 3236 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:53:15.0218 3236 PCIIde - ok
11:53:15.0234 3236 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:53:15.0375 3236 Pcmcia - ok
11:53:15.0390 3236 [ A05145D98D8F74D8CA7E251C1E1B274D ] PCTINDIS5 C:\WINDOWS\System32\PCTINDIS5.SYS
11:53:15.0421 3236 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - warning
11:53:15.0421 3236 PCTINDIS5 - detected UnsignedFile.Multi.Generic (1)
11:53:15.0437 3236 [ 53B518B36FF81CB21334E43237B7B461 ] PCTWPASV C:\Program Files\Arcadyan Wireless\pctwpasv.exe
11:53:15.0484 3236 PCTWPASV ( UnsignedFile.Multi.Generic ) - warning
11:53:15.0484 3236 PCTWPASV - detected UnsignedFile.Multi.Generic (1)
11:53:15.0500 3236 PDCOMP - ok
11:53:15.0500 3236 PDFRAME - ok
11:53:15.0515 3236 PDRELI - ok
11:53:15.0515 3236 PDRFRAME - ok
11:53:15.0531 3236 perc2 - ok
11:53:15.0531 3236 perc2hib - ok
11:53:15.0578 3236 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
11:53:15.0593 3236 Pfc ( UnsignedFile.Multi.Generic ) - warning
11:53:15.0593 3236 Pfc - detected UnsignedFile.Multi.Generic (1)
11:53:15.0625 3236 [ 2F81E367875C5D7D6F05454BA84D27A9 ] PID_0920 C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
11:53:15.0656 3236 PID_0920 - ok
11:53:15.0687 3236 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
11:53:15.0718 3236 PlugPlay - ok
11:53:15.0718 3236 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:53:15.0859 3236 PolicyAgent - ok
11:53:15.0890 3236 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:53:16.0015 3236 PptpMiniport - ok
11:53:16.0062 3236 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00 C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
11:53:16.0125 3236 PRISM_A00 - ok
11:53:16.0140 3236 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:53:16.0265 3236 Processor - ok
11:53:16.0281 3236 PROCEXP151 - ok
11:53:16.0281 3236 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:53:16.0406 3236 ProtectedStorage - ok
11:53:16.0421 3236 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
11:53:16.0453 3236 Ps2 - ok
11:53:16.0453 3236 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:53:16.0593 3236 PSched - ok
11:53:16.0609 3236 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:53:16.0750 3236 Ptilink - ok
11:53:16.0796 3236 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:53:16.0812 3236 PxHelp20 - ok
11:53:16.0828 3236 ql1080 - ok
11:53:16.0828 3236 Ql10wnt - ok
11:53:16.0843 3236 ql12160 - ok
11:53:16.0843 3236 ql1240 - ok
11:53:16.0859 3236 ql1280 - ok
11:53:16.0875 3236 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:53:17.0000 3236 RasAcd - ok
11:53:17.0031 3236 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:53:17.0171 3236 RasAuto - ok
11:53:17.0187 3236 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:53:17.0328 3236 Rasl2tp - ok
11:53:17.0375 3236 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:53:17.0500 3236 RasMan - ok
11:53:17.0500 3236 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:53:17.0640 3236 RasPppoe - ok
11:53:17.0640 3236 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:53:17.0781 3236 Raspti - ok
11:53:17.0812 3236 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:53:17.0937 3236 Rdbss - ok
11:53:17.0937 3236 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:53:18.0078 3236 RDPCDD - ok
11:53:18.0109 3236 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:53:18.0156 3236 RDPWD - ok
11:53:18.0187 3236 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:53:18.0328 3236 RDSessMgr - ok
11:53:18.0343 3236 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:53:18.0468 3236 redbook - ok
11:53:18.0484 3236 RegKernelHelp - ok
11:53:18.0515 3236 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:53:18.0656 3236 RemoteAccess - ok
11:53:18.0671 3236 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
11:53:18.0703 3236 RimUsb - ok
11:53:18.0734 3236 [ E51A8D02B4BD33EBA1F7A5B76C3766ED ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
11:53:18.0765 3236 rpcapd - ok
11:53:18.0781 3236 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
11:53:18.0906 3236 RpcLocator - ok
11:53:18.0937 3236 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:53:18.0984 3236 RpcSs - ok
11:53:19.0031 3236 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
11:53:19.0218 3236 RSVP - ok
11:53:19.0265 3236 [ E2E588D92C8E151CD3515EE09FEC90E2 ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
11:53:19.0312 3236 rt2870 - ok
11:53:19.0343 3236 [ 67C9511A760149797E806FFD9F14AD37 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
11:53:19.0421 3236 RTL8023xp - ok
11:53:19.0437 3236 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
11:53:19.0468 3236 rtl8139 - ok
11:53:19.0484 3236 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
11:53:19.0609 3236 SamSs - ok
11:53:19.0625 3236 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:53:19.0765 3236 SCardSvr - ok
11:53:19.0796 3236 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:53:19.0921 3236 Schedule - ok
11:53:19.0953 3236 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:53:20.0093 3236 Secdrv - ok
11:53:20.0109 3236 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:53:20.0234 3236 seclogon - ok
11:53:20.0250 3236 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
11:53:20.0390 3236 SENS - ok
11:53:20.0406 3236 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:53:20.0531 3236 serenum - ok
11:53:20.0546 3236 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:53:20.0703 3236 Serial - ok
11:53:20.0750 3236 [ 3ADDDE282706E6CA90EE4A7324C9C243 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
11:53:20.0812 3236 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
11:53:20.0812 3236 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
11:53:20.0843 3236 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:53:20.0984 3236 Sfloppy - ok
11:53:21.0000 3236 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:53:21.0140 3236 SharedAccess - ok
11:53:21.0171 3236 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:53:21.0203 3236 ShellHWDetection - ok
11:53:21.0203 3236 Simbad - ok
11:53:21.0250 3236 [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys
11:53:21.0265 3236 SiS315 - ok
11:53:21.0281 3236 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
11:53:21.0328 3236 SISAGP - ok
11:53:21.0343 3236 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys
11:53:21.0375 3236 SiSkp - ok
11:53:21.0390 3236 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:53:21.0515 3236 SLIP - ok
11:53:21.0531 3236 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
11:53:21.0671 3236 SNMP - ok
11:53:21.0687 3236 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:53:21.0812 3236 SNMPTRAP - ok
11:53:21.0812 3236 Sparrow - ok
11:53:21.0843 3236 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:53:21.0968 3236 splitter - ok
11:53:22.0000 3236 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:53:22.0031 3236 Spooler - ok
11:53:22.0078 3236 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
11:53:22.0078 3236 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
11:53:22.0078 3236 sptd ( LockedFile.Multi.Generic ) - warning
11:53:22.0078 3236 sptd - detected LockedFile.Multi.Generic (1)
11:53:22.0078 3236 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:53:22.0218 3236 sr - ok
11:53:22.0234 3236 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
11:53:22.0390 3236 srservice - ok
11:53:22.0437 3236 [ D572D48CA47B33B49BBA9A7BC5CB45C6 ] SRTSP C:\WINDOWS\system32\drivers\N360\0300000.087\SRTSP.SYS
11:53:22.0468 3236 SRTSP - ok
11:53:22.0484 3236 [ 262072D44A269E6D590291F8321F00B1 ] SRTSPX C:\WINDOWS\system32\drivers\N360\0300000.087\SRTSPX.SYS
11:53:22.0515 3236 SRTSPX - ok
11:53:22.0546 3236 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:53:22.0609 3236 Srv - ok
11:53:22.0625 3236 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:53:22.0750 3236 SSDPSRV - ok
11:53:22.0781 3236 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:53:22.0921 3236 stisvc - ok
11:53:22.0937 3236 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:53:23.0062 3236 streamip - ok
11:53:23.0078 3236 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:53:23.0203 3236 swenum - ok
11:53:23.0218 3236 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:53:23.0359 3236 swmidi - ok
11:53:23.0359 3236 SwPrv - ok
11:53:23.0375 3236 symc810 - ok
11:53:23.0375 3236 symc8xx - ok
11:53:23.0406 3236 [ D0403502B507878AA57A79E45B7DFE40 ] SymEFA C:\WINDOWS\system32\drivers\N360\0300000.087\SYMEFA.SYS
11:53:23.0453 3236 SymEFA - ok
11:53:23.0468 3236 [ 46AE80304322442CF5D971E63F138551 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
11:53:23.0500 3236 SymEvent - ok
11:53:23.0515 3236 [ 3D4C6195812ACD7CD8EF59CB61DD8101 ] SYMFW C:\WINDOWS\system32\drivers\N360\0300000.087\SYMFW.SYS
11:53:23.0531 3236 SYMFW - ok
11:53:23.0562 3236 [ EC73D99C696BF3DA09A9B50D45B657B1 ] SYMIDS C:\WINDOWS\system32\drivers\N360\0300000.087\SYMIDS.SYS
11:53:23.0578 3236 SYMIDS - ok
11:53:23.0609 3236 [ E5A4D3DA0E733DD8C77251C5EB0D8FEA ] SymIM C:\WINDOWS\system32\DRIVERS\SymIM.sys
11:53:23.0625 3236 SymIM - ok
11:53:23.0625 3236 [ E5A4D3DA0E733DD8C77251C5EB0D8FEA ] SymIMMP C:\WINDOWS\system32\DRIVERS\SymIM.sys
11:53:23.0671 3236 SymIMMP - ok
11:53:23.0687 3236 [ 6F3537F67A2018F0A85176146CAEFA92 ] SYMNDIS C:\WINDOWS\system32\drivers\N360\0300000.087\SYMNDIS.SYS
11:53:23.0703 3236 SYMNDIS - ok
11:53:23.0734 3236 [ 3B4A6CF6B737A998D753C17E8EB4C11E ] SYMTDI C:\WINDOWS\system32\drivers\N360\0300000.087\SYMTDI.SYS
11:53:23.0750 3236 SYMTDI - ok
11:53:23.0765 3236 sym_hi - ok
11:53:23.0765 3236 sym_u3 - ok
11:53:23.0796 3236 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:53:23.0937 3236 sysaudio - ok
11:53:23.0953 3236 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:53:24.0078 3236 SysmonLog - ok
11:53:24.0109 3236 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:53:24.0234 3236 TapiSrv - ok
11:53:24.0265 3236 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:53:24.0328 3236 Tcpip - ok
11:53:24.0343 3236 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:53:24.0468 3236 TDPIPE - ok
11:53:24.0500 3236 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:53:24.0625 3236 TDTCP - ok
11:53:24.0640 3236 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:53:24.0765 3236 TermDD - ok
11:53:24.0796 3236 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
11:53:24.0937 3236 TermService - ok
11:53:24.0953 3236 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
11:53:24.0984 3236 Themes - ok
11:53:25.0000 3236 TosIde - ok
11:53:25.0015 3236 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:53:25.0156 3236 TrkWks - ok
11:53:25.0171 3236 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:53:25.0296 3236 Udfs - ok
11:53:25.0312 3236 ultra - ok
11:53:25.0328 3236 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:53:25.0468 3236 Update - ok
11:53:25.0484 3236 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:53:25.0609 3236 upnphost - ok
11:53:25.0640 3236 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
11:53:25.0687 3236 upperdev - ok
11:53:25.0718 3236 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
11:53:25.0843 3236 UPS - ok
11:53:25.0875 3236 [ C1CA131F4E3ED63D6BC89A35FFAD4CDA ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
11:53:25.0906 3236 USBAAPL - ok
11:53:25.0937 3236 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:53:26.0046 3236 usbaudio - ok
11:53:26.0078 3236 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:53:26.0203 3236 usbccgp - ok
11:53:26.0234 3236 [ D21CDE1C635BCC5053463579EEE453CF ] USBCM C:\WINDOWS\system32\DRIVERS\Sacm1K.sys
11:53:26.0250 3236 USBCM ( UnsignedFile.Multi.Generic ) - warning
11:53:26.0250 3236 USBCM - detected UnsignedFile.Multi.Generic (1)
11:53:26.0281 3236 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:53:26.0406 3236 usbehci - ok
11:53:26.0437 3236 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:53:26.0562 3236 usbhub - ok
11:53:26.0562 3236 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:53:26.0703 3236 usbohci - ok
11:53:26.0718 3236 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
11:53:26.0843 3236 usbser - ok
11:53:26.0875 3236 [ EB2D3830646E393776E1EF98AC76A43D ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
11:53:26.0921 3236 UsbserFilt - ok
11:53:26.0921 3236 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:53:27.0062 3236 USBSTOR - ok
11:53:27.0078 3236 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:53:27.0203 3236 usbuhci - ok
11:53:27.0218 3236 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:53:27.0343 3236 VgaSave - ok
11:53:27.0359 3236 viaagp1 - ok
11:53:27.0390 3236 [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys
11:53:27.0421 3236 viagfx - ok
11:53:27.0437 3236 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
11:53:27.0546 3236 ViaIde - ok
11:53:27.0562 3236 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:53:27.0703 3236 VolSnap - ok
11:53:27.0734 3236 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
11:53:27.0859 3236 VSS - ok
11:53:27.0890 3236 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
11:53:28.0000 3236 W32Time - ok
11:53:28.0015 3236 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:53:28.0140 3236 Wanarp - ok
11:53:28.0187 3236 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
11:53:28.0250 3236 Wdf01000 - ok
11:53:28.0250 3236 WDICA - ok
11:53:28.0281 3236 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:53:28.0406 3236 wdmaud - ok
11:53:28.0421 3236 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:53:28.0546 3236 WebClient - ok
11:53:28.0609 3236 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:53:28.0750 3236 winmgmt - ok
11:53:28.0781 3236 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:53:28.0828 3236 WmdmPmSN - ok
11:53:28.0843 3236 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
11:53:28.0984 3236 WmiApSrv - ok
11:53:29.0046 3236 [ 3730B84637CB6E28F6FFD38E0880BBB4 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:53:29.0265 3236 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
11:53:29.0265 3236 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
11:53:29.0343 3236 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:53:29.0406 3236 WPFFontCache_v0400 - ok
11:53:29.0437 3236 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:53:29.0562 3236 WS2IFSL - ok
11:53:29.0593 3236 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:53:29.0718 3236 wscsvc - ok
11:53:29.0734 3236 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:53:29.0859 3236 WSTCODEC - ok
11:53:29.0890 3236 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:53:30.0031 3236 wuauserv - ok
11:53:30.0046 3236 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:53:30.0078 3236 WudfPf - ok
11:53:30.0093 3236 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:53:30.0140 3236 WudfSvc - ok
11:53:30.0187 3236 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:53:30.0343 3236 WZCSVC - ok
11:53:30.0359 3236 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:53:30.0484 3236 xmlprov - ok
11:53:30.0515 3236 ================ Scan global ===============================
11:53:30.0531 3236 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:53:30.0562 3236 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:53:30.0578 3236 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:53:30.0593 3236 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:53:30.0593 3236 [Global] - ok
11:53:30.0593 3236 ================ Scan MBR ==================================
11:53:30.0609 3236 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:53:30.0796 3236 \Device\Harddisk0\DR0 - ok
11:53:30.0796 3236 [ AF19CFC60AAE849E72FFBEE3A164B834 ] \Device\Harddisk5\DR7
11:53:32.0421 3236 \Device\Harddisk5\DR7 - ok
11:53:32.0421 3236 ================ Scan VBR ==================================
11:53:32.0421 3236 [ 7295AF7BC41EA1FD8BB6BB54F68BE903 ] \Device\Harddisk0\DR0\Partition1
11:53:32.0421 3236 \Device\Harddisk0\DR0\Partition1 - ok
11:53:32.0421 3236 [ 51BF0B28FBEEDDA7E13FD57DBFCA86D2 ] \Device\Harddisk0\DR0\Partition2
11:53:32.0421 3236 \Device\Harddisk0\DR0\Partition2 - ok
11:53:32.0421 3236 ================ Scan active images ========================
11:53:32.0421 3236 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
11:53:32.0437 3236 C:\WINDOWS\system32\drivers\processr.sys - ok
11:53:32.0437 3236 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
11:53:32.0437 3236 C:\WINDOWS\system32\drivers\videoprt.sys - ok
11:53:32.0437 3236 [ 9E143FB3EF13B7EC1C1DD06529DEBADD ] C:\WINDOWS\system32\drivers\nv4_mini.sys
11:53:32.0437 3236 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
11:53:32.0437 3236 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
11:53:32.0437 3236 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
11:53:32.0453 3236 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
11:53:32.0453 3236 C:\WINDOWS\system32\drivers\usbport.sys - ok
11:53:32.0453 3236 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
11:53:32.0453 3236 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
11:53:32.0453 3236 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
11:53:32.0468 3236 C:\WINDOWS\system32\drivers\nic1394.sys - ok
11:53:32.0468 3236 [ 67C9511A760149797E806FFD9F14AD37 ] C:\WINDOWS\system32\drivers\Rtnicxp.sys
11:53:32.0468 3236 C:\WINDOWS\system32\drivers\Rtnicxp.sys - ok
11:53:32.0468 3236 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
11:53:32.0468 3236 C:\WINDOWS\system32\drivers\usbehci.sys - ok
11:53:32.0484 3236 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] C:\WINDOWS\system32\drivers\PCTELSAP.SYS
11:53:32.0484 3236 C:\WINDOWS\system32\drivers\PCTELSAP.SYS - ok
11:53:32.0484 3236 [ 994A42D273C35B43EE9D1E8A5D8BC639 ] C:\WINDOWS\system32\drivers\AGRSM.sys
11:53:32.0484 3236 C:\WINDOWS\system32\drivers\AGRSM.sys - ok
11:53:32.0484 3236 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
11:53:32.0484 3236 C:\WINDOWS\system32\drivers\ks.sys - ok
11:53:32.0500 3236 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
11:53:32.0500 3236 C:\WINDOWS\system32\drivers\usbd.sys - ok
11:53:32.0500 3236 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
11:53:32.0500 3236 C:\WINDOWS\system32\drivers\modem.sys - ok
11:53:32.0500 3236 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
11:53:32.0500 3236 C:\WINDOWS\system32\drivers\parport.sys - ok
11:53:32.0515 3236 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
11:53:32.0515 3236 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
11:53:32.0515 3236 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
11:53:32.0515 3236 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
11:53:32.0515 3236 [ 9B793A1FFD480155FE9EE5261153F21B ] C:\WINDOWS\system32\drivers\PS2.sys
11:53:32.0515 3236 C:\WINDOWS\system32\drivers\PS2.sys - ok
11:53:32.0531 3236 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
11:53:32.0531 3236 C:\WINDOWS\system32\drivers\cdrom.sys - ok
11:53:32.0531 3236 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
11:53:32.0531 3236 C:\WINDOWS\system32\drivers\imapi.sys - ok
11:53:32.0531 3236 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] C:\WINDOWS\system32\drivers\iviaspi.sys
11:53:32.0531 3236 C:\WINDOWS\system32\drivers\iviaspi.sys - ok
11:53:32.0546 3236 [ 444F122E68DB44C0589227781F3C8B3F ] C:\WINDOWS\system32\drivers\pfc.sys
11:53:32.0546 3236 C:\WINDOWS\system32\drivers\pfc.sys - ok
11:53:32.0546 3236 [ DF6E37B27A9A1A498C6D9F29995B7A03 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
11:53:32.0546 3236 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
11:53:32.0546 3236 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
11:53:32.0546 3236 C:\WINDOWS\system32\drivers\redbook.sys - ok
11:53:32.0562 3236 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
11:53:32.0562 3236 C:\WINDOWS\system32\drivers\audstub.sys - ok
11:53:32.0562 3236 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
11:53:32.0562 3236 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
11:53:32.0562 3236 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
11:53:32.0562 3236 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
11:53:32.0578 3236 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
11:53:32.0578 3236 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
11:53:32.0578 3236 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
11:53:32.0578 3236 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
11:53:32.0578 3236 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
11:53:32.0578 3236 C:\WINDOWS\system32\drivers\tdi.sys - ok
11:53:32.0578 3236 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
11:53:32.0578 3236 C:\WINDOWS\system32\drivers\raspptp.sys - ok
11:53:32.0593 3236 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
11:53:32.0593 3236 C:\WINDOWS\system32\drivers\msgpc.sys - ok
11:53:32.0593 3236 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
11:53:32.0593 3236 C:\WINDOWS\system32\drivers\psched.sys - ok
11:53:32.0593 3236 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
11:53:32.0593 3236 C:\WINDOWS\system32\drivers\ptilink.sys - ok
11:53:32.0609 3236 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
11:53:32.0609 3236 C:\WINDOWS\system32\drivers\raspti.sys - ok
11:53:32.0609 3236 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
11:53:32.0609 3236 C:\WINDOWS\system32\drivers\termdd.sys - ok
11:53:32.0609 3236 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
11:53:32.0609 3236 C:\WINDOWS\system32\drivers\mouclass.sys - ok
11:53:32.0625 3236 [ E5A4D3DA0E733DD8C77251C5EB0D8FEA ] C:\WINDOWS\system32\drivers\SymIM.sys
11:53:32.0625 3236 C:\WINDOWS\system32\drivers\SymIM.sys - ok
11:53:32.0625 3236 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
11:53:32.0625 3236 C:\WINDOWS\system32\drivers\swenum.sys - ok
11:53:32.0625 3236 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
11:53:32.0625 3236 C:\WINDOWS\system32\drivers\update.sys - ok
11:53:32.0640 3236 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
11:53:32.0640 3236 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
11:53:32.0640 3236 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
11:53:32.0640 3236 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
11:53:32.0640 3236 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
11:53:32.0640 3236 C:\WINDOWS\system32\drivers\drmk.sys - ok
11:53:32.0656 3236 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
11:53:32.0656 3236 C:\WINDOWS\system32\drivers\portcls.sys - ok
11:53:32.0656 3236 [ EAFD29C7918325B45E0DABAFD82EF75F ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:53:32.0656 3236 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
11:53:32.0656 3236 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
11:53:32.0656 3236 C:\WINDOWS\system32\drivers\usbhub.sys - ok
11:53:32.0671 3236 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
11:53:32.0671 3236 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
11:53:32.0671 3236 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
11:53:32.0671 3236 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
11:53:32.0687 3236 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
11:53:32.0687 3236 C:\WINDOWS\system32\drivers\null.sys - ok
11:53:32.0687 3236 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
11:53:32.0687 3236 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
11:53:32.0687 3236 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
11:53:32.0687 3236 C:\WINDOWS\system32\drivers\beep.sys - ok
11:53:32.0703 3236 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
11:53:32.0703 3236 C:\WINDOWS\system32\drivers\hidparse.sys - ok
11:53:32.0703 3236 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
11:53:32.0703 3236 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
11:53:32.0703 3236 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
11:53:32.0703 3236 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
11:53:32.0718 3236 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
11:53:32.0718 3236 C:\WINDOWS\system32\drivers\vga.sys - ok
11:53:32.0718 3236 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
11:53:32.0718 3236 C:\WINDOWS\system32\drivers\msfs.sys - ok
11:53:32.0718 3236 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
11:53:32.0718 3236 C:\WINDOWS\system32\drivers\npfs.sys - ok
11:53:32.0734 3236 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
11:53:32.0734 3236 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
11:53:32.0734 3236 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
11:53:32.0734 3236 C:\WINDOWS\system32\drivers\ipsec.sys - ok
11:53:32.0734 3236 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
11:53:32.0734 3236 C:\WINDOWS\system32\drivers\rasacd.sys - ok
11:53:32.0750 3236 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
11:53:32.0750 3236 C:\WINDOWS\system32\drivers\tcpip.sys - ok
11:53:32.0750 3236 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
11:53:32.0750 3236 C:\WINDOWS\system32\drivers\ipnat.sys - ok
11:53:32.0750 3236 [ 3B4A6CF6B737A998D753C17E8EB4C11E ] C:\WINDOWS\system32\drivers\N360\0300000.087\symtdi.sys
11:53:32.0750 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\symtdi.sys - ok
11:53:32.0765 3236 [ 46AE80304322442CF5D971E63F138551 ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS
11:53:32.0765 3236 C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok
11:53:32.0765 3236 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
11:53:32.0765 3236 C:\WINDOWS\system32\drivers\wanarp.sys - ok
11:53:32.0765 3236 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
11:53:32.0765 3236 C:\WINDOWS\system32\drivers\arp1394.sys - ok
11:53:32.0781 3236 [ 3D4C6195812ACD7CD8EF59CB61DD8101 ] C:\WINDOWS\system32\drivers\N360\0300000.087\symfw.sys
11:53:32.0781 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\symfw.sys - ok
11:53:32.0781 3236 [ 6F3537F67A2018F0A85176146CAEFA92 ] C:\WINDOWS\system32\drivers\N360\0300000.087\symndis.sys
11:53:32.0781 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\symndis.sys - ok
11:53:32.0781 3236 [ 06609EFAC69823108456C53D7E0D55F9 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.sys
11:53:32.0781 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.sys - ok
11:53:32.0796 3236 [ EC73D99C696BF3DA09A9B50D45B657B1 ] C:\WINDOWS\system32\drivers\N360\0300000.087\symids.sys
11:53:32.0796 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\symids.sys - ok
11:53:32.0796 3236 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
11:53:32.0796 3236 C:\WINDOWS\system32\drivers\netbt.sys - ok
11:53:32.0796 3236 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
11:53:32.0796 3236 C:\WINDOWS\system32\drivers\afd.sys - ok
11:53:32.0812 3236 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
11:53:32.0812 3236 C:\WINDOWS\system32\drivers\netbios.sys - ok
11:53:32.0812 3236 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
11:53:32.0812 3236 C:\WINDOWS\system32\drivers\serial.sys - ok
11:53:32.0812 3236 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:53:32.0812 3236 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
11:53:32.0828 3236 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] C:\WINDOWS\system32\drivers\amdk7.sys
11:53:32.0828 3236 C:\WINDOWS\system32\drivers\amdk7.sys - ok
11:53:32.0828 3236 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
11:53:32.0828 3236 C:\WINDOWS\system32\drivers\intelppm.sys - ok
11:53:32.0828 3236 [ 262072D44A269E6D590291F8321F00B1 ] C:\WINDOWS\system32\drivers\N360\0300000.087\srtspx.sys
11:53:32.0828 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\srtspx.sys - ok
11:53:32.0828 3236 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
11:53:32.0828 3236 C:\WINDOWS\system32\drivers\rdbss.sys - ok
11:53:32.0843 3236 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] C:\WINDOWS\system32\drivers\srvkp.sys
11:53:32.0843 3236 C:\WINDOWS\system32\drivers\srvkp.sys - ok
11:53:32.0843 3236 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
11:53:32.0843 3236 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
11:53:32.0843 3236 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
11:53:32.0843 3236 C:\WINDOWS\system32\drivers\fips.sys - ok
11:53:32.0859 3236 [ 70AEAC5D481B2904B40F2173E280B1B5 ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
11:53:32.0859 3236 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
11:53:32.0859 3236 [ 00BD6FC4A873D3341DCF9AEF2D3C841E ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:53:32.0859 3236 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
11:53:32.0859 3236 [ 8A0B7BD7947F769C2D87F795BC97E766 ] C:\WINDOWS\system32\drivers\N360\0300000.087\BHDrvx86.sys
11:53:32.0859 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\BHDrvx86.sys - ok
11:53:32.0875 3236 [ 7652F4E64C389B80AC6282339E5FA386 ] C:\WINDOWS\system32\drivers\N360\0300000.087\cchpx86.sys
11:53:32.0875 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\cchpx86.sys - ok
11:53:32.0875 3236 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
11:53:32.0875 3236 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
11:53:32.0875 3236 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
11:53:32.0875 3236 C:\WINDOWS\system32\smss.exe - ok
11:53:32.0890 3236 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
11:53:32.0890 3236 C:\WINDOWS\system32\ntdll.dll - ok
11:53:32.0890 3236 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
11:53:32.0890 3236 C:\WINDOWS\system32\autochk.exe - ok
11:53:32.0890 3236 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
11:53:32.0890 3236 C:\WINDOWS\system32\drivers\fastfat.sys - ok
11:53:32.0906 3236 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
11:53:32.0906 3236 C:\WINDOWS\system32\drivers\usbstor.sys - ok
11:53:32.0906 3236 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
11:53:32.0906 3236 C:\WINDOWS\system32\sfcfiles.dll - ok
11:53:32.0906 3236 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
11:53:32.0906 3236 C:\WINDOWS\system32\drivers\hidclass.sys - ok
11:53:32.0921 3236 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
11:53:32.0921 3236 C:\WINDOWS\system32\drivers\hidusb.sys - ok
11:53:32.0921 3236 [ 01CC7FB6E790EF044B411377F3A1FF41 ] C:\WINDOWS\system32\drivers\LHidFilt.Sys
11:53:32.0921 3236 C:\WINDOWS\system32\drivers\LHidFilt.Sys - ok
11:53:32.0921 3236 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
11:53:32.0921 3236 C:\WINDOWS\system32\drivers\mouhid.sys - ok
11:53:32.0937 3236 [ FD47474BD21794508AF449D9D91AF6E6 ] C:\WINDOWS\system32\drivers\wdf01000.sys
11:53:32.0937 3236 C:\WINDOWS\system32\drivers\wdf01000.sys - ok
11:53:32.0937 3236 [ DED98A3E466251CCAB93D579144B048C ] C:\WINDOWS\system32\drivers\wdfldr.sys
11:53:32.0937 3236 C:\WINDOWS\system32\drivers\wdfldr.sys - ok
11:53:32.0937 3236 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] C:\WINDOWS\system32\drivers\LMouFilt.Sys
11:53:32.0937 3236 C:\WINDOWS\system32\drivers\LMouFilt.Sys - ok
11:53:32.0953 3236 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
11:53:32.0953 3236 C:\WINDOWS\system32\drivers\cdfs.sys - ok
11:53:32.0953 3236 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
11:53:32.0953 3236 C:\WINDOWS\system32\drivers\wmilib.sys - ok
11:53:32.0953 3236 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
11:53:32.0953 3236 C:\WINDOWS\system32\drivers\atapi.sys - ok
11:53:32.0968 3236 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
11:53:32.0968 3236 C:\WINDOWS\system32\drivers\dxapi.sys - ok
11:53:32.0968 3236 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
11:53:32.0968 3236 C:\WINDOWS\system32\watchdog.sys - ok
11:53:32.0968 3236 [ D6F934A361D7F0BE8271673988D4E7FD ] C:\WINDOWS\system32\win32k.sys
11:53:32.0968 3236 C:\WINDOWS\system32\win32k.sys - ok
11:53:32.0984 3236 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
11:53:32.0984 3236 C:\WINDOWS\system32\csrsrv.dll - ok
11:53:32.0984 3236 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
11:53:32.0984 3236 C:\WINDOWS\system32\csrss.exe - ok
11:53:32.0984 3236 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
11:53:32.0984 3236 C:\WINDOWS\system32\basesrv.dll - ok
11:53:33.0000 3236 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
11:53:33.0000 3236 C:\WINDOWS\system32\winsrv.dll - ok
11:53:33.0000 3236 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
11:53:33.0000 3236 C:\WINDOWS\system32\gdi32.dll - ok
11:53:33.0000 3236 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll
11:53:33.0000 3236 C:\WINDOWS\system32\kernel32.dll - ok
11:53:33.0015 3236 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
11:53:33.0015 3236 C:\WINDOWS\system32\user32.dll - ok
11:53:33.0015 3236 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
11:53:33.0015 3236 C:\WINDOWS\system32\drivers\dxg.sys - ok
11:53:33.0015 3236 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
11:53:33.0015 3236 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
11:53:33.0031 3236 [ F6AA886CAC3E2B64DBF1A99CCFC86806 ] C:\WINDOWS\system32\nv4_disp.dll
11:53:33.0031 3236 C:\WINDOWS\system32\nv4_disp.dll - ok
11:53:33.0031 3236 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
11:53:33.0031 3236 C:\WINDOWS\system32\vga.dll - ok
11:53:33.0031 3236 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
11:53:33.0031 3236 C:\WINDOWS\system32\winlogon.exe - ok
11:53:33.0046 3236 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
11:53:33.0046 3236 C:\WINDOWS\system32\advapi32.dll - ok
11:53:33.0046 3236 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
11:53:33.0046 3236 C:\WINDOWS\system32\rpcrt4.dll - ok
11:53:33.0046 3236 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
11:53:33.0046 3236 C:\WINDOWS\system32\authz.dll - ok
11:53:33.0062 3236 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
11:53:33.0062 3236 C:\WINDOWS\system32\secur32.dll - ok
11:53:33.0062 3236 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
11:53:33.0062 3236 C:\WINDOWS\system32\msvcrt.dll - ok
11:53:33.0062 3236 [ 64416C6E07606720C1ECE6DD374BDFFD ] C:\WINDOWS\system32\crypt32.dll
11:53:33.0062 3236 C:\WINDOWS\system32\crypt32.dll - ok
11:53:33.0078 3236 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
11:53:33.0078 3236 C:\WINDOWS\system32\msasn1.dll - ok
11:53:33.0078 3236 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
11:53:33.0078 3236 C:\WINDOWS\system32\nddeapi.dll - ok
11:53:33.0078 3236 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
11:53:33.0078 3236 C:\WINDOWS\system32\netapi32.dll - ok
11:53:33.0078 3236 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
11:53:33.0093 3236 C:\WINDOWS\system32\profmap.dll - ok
11:53:33.0093 3236 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
11:53:33.0093 3236 C:\WINDOWS\system32\userenv.dll - ok
11:53:33.0093 3236 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
11:53:33.0093 3236 C:\WINDOWS\system32\psapi.dll - ok
11:53:33.0093 3236 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
11:53:33.0093 3236 C:\WINDOWS\system32\regapi.dll - ok
11:53:33.0109 3236 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
11:53:33.0109 3236 C:\WINDOWS\system32\setupapi.dll - ok
11:53:33.0109 3236 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
11:53:33.0109 3236 C:\WINDOWS\system32\version.dll - ok
11:53:33.0109 3236 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
11:53:33.0109 3236 C:\WINDOWS\system32\winsta.dll - ok
11:53:33.0125 3236 [ 95F5C420E9BDD4C3569602911420A774 ] C:\WINDOWS\system32\wintrust.dll
11:53:33.0125 3236 C:\WINDOWS\system32\wintrust.dll - ok
11:53:33.0125 3236 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
11:53:33.0125 3236 C:\WINDOWS\system32\imagehlp.dll - ok
11:53:33.0125 3236 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
11:53:33.0125 3236 C:\WINDOWS\system32\imm32.dll - ok
11:53:33.0140 3236 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
11:53:33.0140 3236 C:\WINDOWS\system32\ws2help.dll - ok
11:53:33.0140 3236 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
11:53:33.0140 3236 C:\WINDOWS\system32\ws2_32.dll - ok
11:53:33.0140 3236 [ DAB9952E3626D84E74CBF4958B1B1F52 ] C:\WINDOWS\system32\kbduk.dll
11:53:33.0140 3236 C:\WINDOWS\system32\kbduk.dll - ok
11:53:33.0156 3236 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
11:53:33.0156 3236 C:\WINDOWS\system32\kbdus.dll - ok
11:53:33.0156 3236 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
11:53:33.0156 3236 C:\WINDOWS\system32\msgina.dll - ok
11:53:33.0156 3236 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
11:53:33.0156 3236 C:\WINDOWS\system32\comctl32.dll - ok
11:53:33.0171 3236 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
11:53:33.0171 3236 C:\WINDOWS\system32\odbc32.dll - ok
11:53:33.0171 3236 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
11:53:33.0171 3236 C:\WINDOWS\system32\comdlg32.dll - ok
11:53:33.0171 3236 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
11:53:33.0171 3236 C:\WINDOWS\system32\shell32.dll - ok
11:53:33.0187 3236 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
11:53:33.0187 3236 C:\WINDOWS\system32\shlwapi.dll - ok
11:53:33.0187 3236 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
11:53:33.0187 3236 C:\WINDOWS\system32\sxs.dll - ok
11:53:33.0187 3236 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
11:53:33.0187 3236 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
11:53:33.0203 3236 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
11:53:33.0203 3236 C:\WINDOWS\system32\odbcint.dll - ok
11:53:33.0203 3236 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
11:53:33.0203 3236 C:\WINDOWS\system32\shsvcs.dll - ok
11:53:33.0203 3236 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
11:53:33.0203 3236 C:\WINDOWS\system32\sfc.dll - ok
11:53:33.0218 3236 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
11:53:33.0218 3236 C:\WINDOWS\system32\sfc_os.dll - ok
11:53:33.0218 3236 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
11:53:33.0218 3236 C:\WINDOWS\system32\ole32.dll - ok
11:53:33.0218 3236 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
11:53:33.0218 3236 C:\WINDOWS\system32\apphelp.dll - ok
11:53:33.0234 3236 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
11:53:33.0234 3236 C:\WINDOWS\system32\services.exe - ok
11:53:33.0234 3236 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
11:53:33.0234 3236 C:\WINDOWS\system32\msvcp60.dll - ok
11:53:33.0234 3236 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
11:53:33.0234 3236 C:\WINDOWS\system32\ncobjapi.dll - ok
11:53:33.0250 3236 [ 473AEFCD0D33ED3BB04FC9755AE37DBF ] C:\WINDOWS\system32\savedump.exe
11:53:33.0250 3236 C:\WINDOWS\system32\savedump.exe - ok
11:53:33.0250 3236 [ 06848C5A1674FE6C9B7E9CA9B5B4E6E5 ] C:\WINDOWS\system32\dbgeng.dll
11:53:33.0250 3236 C:\WINDOWS\system32\dbgeng.dll - ok
11:53:33.0250 3236 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
11:53:33.0250 3236 C:\WINDOWS\system32\lsasrv.dll - ok
11:53:33.0265 3236 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
11:53:33.0265 3236 C:\WINDOWS\system32\lsass.exe - ok
11:53:33.0265 3236 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
11:53:33.0265 3236 C:\WINDOWS\system32\scesrv.dll - ok
11:53:33.0265 3236 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
11:53:33.0265 3236 C:\WINDOWS\system32\mpr.dll - ok
11:53:33.0281 3236 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
11:53:33.0281 3236 C:\WINDOWS\system32\umpnpmgr.dll - ok
11:53:33.0281 3236 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
11:53:33.0281 3236 C:\WINDOWS\system32\dbghelp.dll - ok
11:53:33.0281 3236 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
11:53:33.0281 3236 C:\WINDOWS\system32\ntdsapi.dll - ok
11:53:33.0296 3236 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
11:53:33.0296 3236 C:\WINDOWS\system32\shimeng.dll - ok
11:53:33.0296 3236 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
11:53:33.0296 3236 C:\WINDOWS\AppPatch\acadproc.dll - ok
11:53:33.0296 3236 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
11:53:33.0296 3236 C:\WINDOWS\system32\dnsapi.dll - ok
11:53:33.0312 3236 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
11:53:33.0312 3236 C:\WINDOWS\system32\wldap32.dll - ok
11:53:33.0312 3236 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
11:53:33.0312 3236 C:\WINDOWS\system32\samlib.dll - ok
11:53:33.0312 3236 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
11:53:33.0312 3236 C:\WINDOWS\system32\samsrv.dll - ok
11:53:33.0328 3236 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
11:53:33.0328 3236 C:\WINDOWS\system32\cryptdll.dll - ok
11:53:33.0328 3236 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
11:53:33.0328 3236 C:\WINDOWS\AppPatch\acgenral.dll - ok
11:53:33.0328 3236 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
11:53:33.0328 3236 C:\WINDOWS\system32\winmm.dll - ok
11:53:33.0343 3236 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
11:53:33.0343 3236 C:\WINDOWS\system32\oleaut32.dll - ok
11:53:33.0343 3236 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
11:53:33.0343 3236 C:\WINDOWS\system32\msacm32.dll - ok
11:53:33.0343 3236 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
11:53:33.0343 3236 C:\WINDOWS\system32\uxtheme.dll - ok
11:53:33.0359 3236 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll
11:53:33.0359 3236 C:\WINDOWS\system32\faultrep.dll - ok
11:53:33.0359 3236 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
11:53:33.0359 3236 C:\WINDOWS\system32\msapsspc.dll - ok
11:53:33.0359 3236 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
11:53:33.0359 3236 C:\WINDOWS\system32\msvcrt40.dll - ok
11:53:33.0375 3236 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
11:53:33.0375 3236 C:\WINDOWS\system32\wtsapi32.dll - ok
11:53:33.0375 3236 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
11:53:33.0375 3236 C:\WINDOWS\system32\schannel.dll - ok
11:53:33.0375 3236 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
11:53:33.0375 3236 C:\WINDOWS\system32\digest.dll - ok
11:53:33.0390 3236 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
11:53:33.0390 3236 C:\WINDOWS\system32\msnsspc.dll - ok
11:53:33.0390 3236 [ 3F790874A85819E94574F3E7AF9C5806 ] C:\WINDOWS\system32\msctfime.ime
11:53:33.0390 3236 C:\WINDOWS\system32\msctfime.ime - ok
11:53:33.0390 3236 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
11:53:33.0390 3236 C:\WINDOWS\system32\msprivs.dll - ok
11:53:33.0406 3236 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
11:53:33.0406 3236 C:\WINDOWS\system32\kerberos.dll - ok
11:53:33.0406 3236 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
11:53:33.0406 3236 C:\WINDOWS\system32\iphlpapi.dll - ok
11:53:33.0406 3236 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
11:53:33.0406 3236 C:\WINDOWS\system32\msv1_0.dll - ok
11:53:33.0421 3236 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
11:53:33.0421 3236 C:\WINDOWS\system32\netlogon.dll - ok
11:53:33.0421 3236 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
11:53:33.0421 3236 C:\WINDOWS\system32\w32time.dll - ok
11:53:33.0421 3236 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
11:53:33.0421 3236 C:\WINDOWS\system32\wdigest.dll - ok
11:53:33.0437 3236 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
11:53:33.0437 3236 C:\WINDOWS\system32\rsaenh.dll - ok
11:53:33.0437 3236 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll
11:53:33.0437 3236 C:\WINDOWS\system32\atmfd.dll - ok
11:53:33.0437 3236 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
11:53:33.0437 3236 C:\WINDOWS\system32\winscard.dll - ok
11:53:33.0453 3236 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
11:53:33.0453 3236 C:\WINDOWS\system32\scecli.dll - ok
11:53:33.0453 3236 [ B7CA8CC3F978201856B6AB82F40953C3 ] C:\WINDOWS\system32\drivers\mbam.sys
11:53:33.0453 3236 C:\WINDOWS\system32\drivers\mbam.sys - ok
11:53:33.0453 3236 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
11:53:33.0453 3236 C:\WINDOWS\system32\svchost.exe - ok
11:53:33.0468 3236 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
11:53:33.0468 3236 C:\WINDOWS\system32\ntmarta.dll - ok
11:53:33.0468 3236 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
11:53:33.0468 3236 C:\WINDOWS\system32\rpcss.dll - ok
11:53:33.0468 3236 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
11:53:33.0468 3236 C:\WINDOWS\system32\xpsp2res.dll - ok
11:53:33.0484 3236 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
11:53:33.0484 3236 C:\WINDOWS\system32\eventlog.dll - ok
11:53:33.0484 3236 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
11:53:33.0484 3236 C:\WINDOWS\system32\mswsock.dll - ok
11:53:33.0484 3236 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
11:53:33.0484 3236 C:\WINDOWS\system32\hnetcfg.dll - ok
11:53:33.0500 3236 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
11:53:33.0500 3236 C:\WINDOWS\system32\wshtcpip.dll - ok
11:53:33.0500 3236 [ 0E3E56064E162EE9CC48698355098301 ] C:\Program Files\Bonjour\mdnsNSP.dll
11:53:33.0500 3236 C:\Program Files\Bonjour\mdnsNSP.dll - ok
11:53:33.0500 3236 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
11:53:33.0500 3236 C:\WINDOWS\system32\winrnr.dll - ok
11:53:33.0515 3236 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
11:53:33.0515 3236 C:\WINDOWS\system32\rasadhlp.dll - ok
11:53:33.0515 3236 [ AE93084D2D236887BA56467AE42B4955 ] C:\WINDOWS\system32\WudfSvc.dll
11:53:33.0515 3236 C:\WINDOWS\system32\WudfSvc.dll - ok
11:53:33.0515 3236 [ 904120AAB6EF27B6AF73C19D09EB2695 ] C:\WINDOWS\system32\WudfPlatform.dll
11:53:33.0515 3236 C:\WINDOWS\system32\WudfPlatform.dll - ok
11:53:33.0531 3236 [ 023867B6606FBABCDD52E089C4A507DA ] C:\WINDOWS\system32\drivers\AegisP.sys
11:53:33.0531 3236 C:\WINDOWS\system32\drivers\AegisP.sys - ok
11:53:33.0531 3236 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
11:53:33.0531 3236 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
11:53:33.0531 3236 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
11:53:33.0531 3236 C:\WINDOWS\system32\dhcpcsvc.dll - ok
11:53:33.0546 3236 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
11:53:33.0546 3236 C:\WINDOWS\system32\dnsrslvr.dll - ok
11:53:33.0546 3236 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
11:53:33.0546 3236 C:\WINDOWS\system32\logonui.exe - ok
11:53:33.0546 3236 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
11:53:33.0546 3236 C:\WINDOWS\system32\cscdll.dll - ok
11:53:33.0562 3236 [ 0AC731A0956AF6092F76E8F5159D00C1 ] C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
11:53:33.0562 3236 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll - ok
11:53:33.0562 3236 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
11:53:33.0562 3236 C:\WINDOWS\system32\dimsntfy.dll - ok
11:53:33.0562 3236 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
11:53:33.0562 3236 C:\WINDOWS\system32\duser.dll - ok
11:53:33.0578 3236 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
11:53:33.0578 3236 C:\WINDOWS\system32\msimg32.dll - ok
11:53:33.0578 3236 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
11:53:33.0578 3236 C:\WINDOWS\system32\oleacc.dll - ok
11:53:33.0578 3236 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
11:53:33.0578 3236 C:\WINDOWS\system32\lmhsvc.dll - ok
11:53:33.0578 3236 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
11:53:33.0578 3236 C:\WINDOWS\system32\wzcsvc.dll - ok
11:53:33.0593 3236 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
11:53:33.0593 3236 C:\WINDOWS\system32\rtutils.dll - ok
11:53:33.0593 3236 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
11:53:33.0593 3236 C:\WINDOWS\system32\wlnotify.dll - ok
11:53:33.0593 3236 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
11:53:33.0593 3236 C:\WINDOWS\system32\eapolqec.dll - ok
11:53:33.0609 3236 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
11:53:33.0609 3236 C:\WINDOWS\system32\winspool.drv - ok
11:53:33.0609 3236 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
11:53:33.0609 3236 C:\WINDOWS\system32\wmi.dll - ok
11:53:33.0609 3236 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
11:53:33.0609 3236 C:\WINDOWS\system32\atl.dll - ok
11:53:33.0625 3236 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
11:53:33.0625 3236 C:\WINDOWS\system32\clbcatq.dll - ok
11:53:33.0625 3236 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
11:53:33.0625 3236 C:\WINDOWS\system32\qutil.dll - ok
11:53:33.0625 3236 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
11:53:33.0625 3236 C:\WINDOWS\system32\dot3api.dll - ok
11:53:33.0640 3236 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
11:53:33.0640 3236 C:\WINDOWS\system32\comres.dll - ok
11:53:33.0640 3236 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
11:53:33.0640 3236 C:\WINDOWS\system32\esent.dll - ok
11:53:33.0640 3236 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
11:53:33.0640 3236 C:\WINDOWS\system32\shgina.dll - ok
11:53:33.0656 3236 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
11:53:33.0656 3236 C:\WINDOWS\system32\rastls.dll - ok
11:53:33.0656 3236 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
11:53:33.0656 3236 C:\WINDOWS\system32\cryptui.dll - ok
11:53:33.0656 3236 [ C4300CB4D20B1159DC77E01E8A2525EC ] C:\WINDOWS\system32\wininet.dll
11:53:33.0656 3236 C:\WINDOWS\system32\wininet.dll - ok
11:53:33.0671 3236 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
11:53:33.0671 3236 C:\WINDOWS\system32\normaliz.dll - ok
11:53:33.0671 3236 [ C9335D5B07E6A930BD561D35C431A0AF ] C:\WINDOWS\system32\urlmon.dll
11:53:33.0671 3236 C:\WINDOWS\system32\urlmon.dll - ok
11:53:33.0671 3236 [ 46485AE6433AF77F237C792D3DA11F48 ] C:\WINDOWS\system32\iertutil.dll
11:53:33.0671 3236 C:\WINDOWS\system32\iertutil.dll - ok
11:53:33.0687 3236 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
11:53:33.0687 3236 C:\WINDOWS\system32\activeds.dll - ok
11:53:33.0687 3236 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
11:53:33.0687 3236 C:\WINDOWS\system32\adsldpc.dll - ok
11:53:33.0687 3236 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
11:53:33.0687 3236 C:\WINDOWS\system32\mprapi.dll - ok
11:53:33.0703 3236 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
11:53:33.0703 3236 C:\WINDOWS\system32\rasapi32.dll - ok
11:53:33.0703 3236 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
11:53:33.0703 3236 C:\WINDOWS\system32\rasman.dll - ok
11:53:33.0718 3236 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
11:53:33.0718 3236 C:\WINDOWS\system32\tapi32.dll - ok
11:53:33.0718 3236 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
11:53:33.0718 3236 C:\WINDOWS\system32\riched20.dll - ok
11:53:33.0718 3236 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
11:53:33.0718 3236 C:\WINDOWS\system32\raschap.dll - ok
11:53:33.0718 3236 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
11:53:33.0734 3236 C:\WINDOWS\system32\schedsvc.dll - ok
11:53:33.0734 3236 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
11:53:33.0734 3236 C:\WINDOWS\system32\msidle.dll - ok
11:53:33.0734 3236 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
11:53:33.0734 3236 C:\WINDOWS\system32\spoolsv.exe - ok
11:53:33.0734 3236 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
11:53:33.0734 3236 C:\WINDOWS\system32\audiosrv.dll - ok
11:53:33.0750 3236 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
11:53:33.0750 3236 C:\WINDOWS\system32\wkssvc.dll - ok
11:53:33.0750 3236 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
11:53:33.0750 3236 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
11:53:33.0750 3236 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
11:53:33.0750 3236 C:\WINDOWS\system32\webclnt.dll - ok
11:53:33.0765 3236 [ A8AA9D47F971570A5162B862B80F87E8 ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
11:53:33.0765 3236 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - ok
11:53:33.0765 3236 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
11:53:33.0765 3236 C:\WINDOWS\system32\wsock32.dll - ok
11:53:33.0765 3236 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] C:\Program Files\Bonjour\mDNSResponder.exe
11:53:33.0765 3236 C:\Program Files\Bonjour\mDNSResponder.exe - ok
11:53:33.0781 3236 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:53:33.0781 3236 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
11:53:33.0781 3236 [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
11:53:33.0781 3236 C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
11:53:33.0781 3236 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\system32\mscoree.dll
11:53:33.0781 3236 C:\WINDOWS\system32\mscoree.dll - ok
11:53:33.0796 3236 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
11:53:33.0796 3236 C:\WINDOWS\system32\cryptsvc.dll - ok
11:53:33.0796 3236 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
11:53:33.0796 3236 C:\WINDOWS\system32\certcli.dll - ok
11:53:33.0796 3236 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
11:53:33.0796 3236 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
11:53:33.0812 3236 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
11:53:33.0812 3236 C:\WINDOWS\system32\ersvc.dll - ok
11:53:33.0812 3236 [ 80F08F50D248EEEEB9256F6522891D40 ] C:\Program Files\Java\jre7\bin\jqs.exe
11:53:33.0812 3236 C:\Program Files\Java\jre7\bin\jqs.exe - ok
11:53:33.0812 3236 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
11:53:33.0812 3236 C:\WINDOWS\system32\es.dll - ok
11:53:33.0828 3236 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
11:53:33.0828 3236 C:\WINDOWS\system32\hid.dll - ok
11:53:33.0828 3236 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
11:53:33.0828 3236 C:\WINDOWS\system32\hidserv.dll - ok
11:53:33.0828 3236 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
11:53:33.0828 3236 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
11:53:33.0843 3236 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
11:53:33.0843 3236 C:\WINDOWS\system32\pdh.dll - ok
11:53:33.0843 3236 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
11:53:33.0843 3236 C:\WINDOWS\system32\odbcbcp.dll - ok
11:53:33.0843 3236 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
11:53:33.0843 3236 C:\WINDOWS\system32\srvsvc.dll - ok
11:53:33.0859 3236 [ 056B19651BD7B7CE5F89A3AC46DBDC08 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:53:33.0859 3236 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
11:53:33.0859 3236 [ BE2DC24D403643A2D1D98F33C7087B38 ] C:\WINDOWS\system32\drivers\LBeepKE.sys
11:53:33.0859 3236 C:\WINDOWS\system32\drivers\LBeepKE.sys - ok
11:53:33.0859 3236 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
11:53:33.0859 3236 C:\WINDOWS\system32\netmsg.dll - ok
11:53:33.0875 3236 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
11:53:33.0875 3236 C:\WINDOWS\system32\drivers\srv.sys - ok
11:53:33.0875 3236 [ D3B6D02F0D95A62DFBAE7D7EA404DB59 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
11:53:33.0875 3236 C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
11:53:33.0875 3236 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
11:53:33.0875 3236 C:\WINDOWS\system32\spoolss.dll - ok
11:53:33.0890 3236 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
11:53:33.0890 3236 C:\WINDOWS\system32\perfos.dll - ok
11:53:33.0890 3236 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
11:53:33.0890 3236 C:\WINDOWS\system32\perfdisk.dll - ok
11:53:33.0890 3236 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
11:53:33.0890 3236 C:\WINDOWS\system32\localspl.dll - ok
11:53:33.0906 3236 [ 82F9764EBE2EF590CD2B3BEB234E5671 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
11:53:33.0906 3236 C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
11:53:33.0906 3236 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
11:53:33.0906 3236 C:\WINDOWS\system32\cnbjmon.dll - ok
11:53:33.0906 3236 [ CC6292CA575E851E5B74BF8883AB967A ] C:\WINDOWS\system32\fxsmon.dll
11:53:33.0906 3236 C:\WINDOWS\system32\fxsmon.dll - ok
11:53:33.0921 3236 [ A2C2EC01306A666C4372BB7A06659B5D ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
11:53:33.0921 3236 C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
11:53:33.0921 3236 [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
11:53:33.0921 3236 C:\WINDOWS\system32\fxsevent.dll - ok
11:53:33.0921 3236 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
11:53:33.0921 3236 C:\WINDOWS\system32\pjlmon.dll - ok
11:53:33.0937 3236 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
11:53:33.0937 3236 C:\WINDOWS\system32\msonpmon.dll - ok
11:53:33.0937 3236 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
11:53:33.0937 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
11:53:33.0937 3236 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
11:53:33.0937 3236 C:\WINDOWS\system32\msi.dll - ok
11:53:33.0953 3236 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
11:53:33.0953 3236 C:\WINDOWS\system32\tcpmon.dll - ok
11:53:33.0953 3236 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
11:53:33.0953 3236 C:\WINDOWS\system32\usbmon.dll - ok
11:53:33.0953 3236 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
11:53:33.0953 3236 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
11:53:33.0968 3236 [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
11:53:33.0968 3236 C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
11:53:33.0968 3236 [ 291778DFEBAA278B451D457B03C10AC1 ] C:\WINDOWS\system32\win32spl.dll
11:53:33.0968 3236 C:\WINDOWS\system32\win32spl.dll - ok
11:53:33.0968 3236 [ 1CD241289BB4D4E357DFF21B4DADA5EE ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
11:53:33.0968 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe - ok
11:53:33.0984 3236 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
11:53:33.0984 3236 C:\WINDOWS\system32\netrap.dll - ok
11:53:33.0984 3236 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
11:53:33.0984 3236 C:\WINDOWS\system32\inetpp.dll - ok
11:53:33.0984 3236 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
11:53:33.0984 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
11:53:34.0000 3236 [ 7307267DDDBC6F3B47B78ABF8B2B9313 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccL80U.dll
11:53:34.0000 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccL80U.dll - ok
11:53:34.0000 3236 [ 330870DECA9AFDC486075DF0F44B4E25 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccVrTrst.dll
11:53:34.0000 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccVrTrst.dll - ok
11:53:34.0000 3236 [ 5BA6C977C59CA6C2E85CE3DC752EEFC2 ] C:\Program Files\Norton 360\Engine\3.0.0.135\EFACli.dll
11:53:34.0000 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\EFACli.dll - ok
11:53:34.0015 3236 [ E08CFAB5904FCBB62B1B8F1F1E29E12C ] C:\Program Files\Norton 360\Engine\3.0.0.135\SymNeti.dll
11:53:34.0015 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\SymNeti.dll - ok
11:53:34.0015 3236 [ 53B518B36FF81CB21334E43237B7B461 ] C:\Program Files\Arcadyan Wireless\pctwpasv.exe
11:53:34.0015 3236 C:\Program Files\Arcadyan Wireless\pctwpasv.exe - ok
11:53:34.0015 3236 [ 90FCB99048A4E6527B7F9AE28D896D50 ] C:\WINDOWS\system32\PCTIN50.dll
11:53:34.0015 3236 C:\WINDOWS\system32\PCTIN50.dll - ok
11:53:34.0031 3236 [ 9F5271B8A145BE712DCC76F6090B2D56 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvc.dll
11:53:34.0031 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvc.dll - ok
11:53:34.0031 3236 [ 3AEBF9427C832E8C8F430BF8418332DC ] C:\Program Files\Norton 360\Engine\3.0.0.135\Srtsp32.dll
11:53:34.0031 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\Srtsp32.dll - ok
11:53:34.0031 3236 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
11:53:34.0031 3236 C:\WINDOWS\system32\cfgmgr32.dll - ok
11:53:34.0046 3236 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
11:53:34.0046 3236 C:\WINDOWS\system32\ipsecsvc.dll - ok
11:53:34.0046 3236 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
11:53:34.0046 3236 C:\WINDOWS\system32\oakley.dll - ok
11:53:34.0046 3236 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
11:53:34.0046 3236 C:\WINDOWS\system32\seclogon.dll - ok
11:53:34.0062 3236 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
11:53:34.0062 3236 C:\WINDOWS\system32\winipsec.dll - ok
11:53:34.0062 3236 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
11:53:34.0062 3236 C:\WINDOWS\system32\pstorsvc.dll - ok
11:53:34.0062 3236 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
11:53:34.0062 3236 C:\WINDOWS\system32\sens.dll - ok
11:53:34.0078 3236 [ 4025A3B3ADA0DBFF7A4190AC6FE2B2B8 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccIPC.dll
11:53:34.0078 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccIPC.dll - ok
11:53:34.0078 3236 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
11:53:34.0078 3236 C:\WINDOWS\system32\ipnathlp.dll - ok
11:53:34.0078 3236 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
11:53:34.0078 3236 C:\WINDOWS\system32\psbase.dll - ok
11:53:34.0078 3236 [ 60C377BE6B3CC83F6A8584934B181D2E ] C:\WINDOWS\system32\snmp.exe
11:53:34.0078 3236 C:\WINDOWS\system32\snmp.exe - ok
11:53:34.0093 3236 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
11:53:34.0093 3236 C:\WINDOWS\system32\snmpapi.dll - ok
11:53:34.0093 3236 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
11:53:34.0093 3236 C:\WINDOWS\system32\netshell.dll - ok
11:53:34.0093 3236 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
11:53:34.0093 3236 C:\WINDOWS\system32\dssenh.dll - ok
11:53:34.0109 3236 [ B96619BF8D9EACA9A52872F05968FDAB ] C:\Program Files\Norton 360\Engine\3.0.0.135\diMaster.dll
11:53:34.0109 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\diMaster.dll - ok
11:53:34.0109 3236 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
11:53:34.0109 3236 C:\WINDOWS\system32\credui.dll - ok
11:53:34.0109 3236 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
11:53:34.0109 3236 C:\WINDOWS\system32\dot3dlg.dll - ok
11:53:34.0125 3236 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
11:53:34.0125 3236 C:\WINDOWS\system32\onex.dll - ok
11:53:34.0125 3236 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
11:53:34.0125 3236 C:\WINDOWS\system32\winhttp.dll - ok
11:53:34.0125 3236 [ 7AC9F99C9E12A5C0C35B0A9891543AEC ] C:\WINDOWS\system32\lmmib2.dll
11:53:34.0125 3236 C:\WINDOWS\system32\lmmib2.dll - ok
11:53:34.0140 3236 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
11:53:34.0140 3236 C:\WINDOWS\system32\eappcfg.dll - ok
11:53:34.0140 3236 [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll
11:53:34.0140 3236 C:\WINDOWS\system32\inetmib1.dll - ok
11:53:34.0140 3236 [ C744B07A16F5FBAAF2892716F4DBCB1B ] C:\WINDOWS\system32\hostmib.dll
11:53:34.0140 3236 C:\WINDOWS\system32\hostmib.dll - ok
11:53:34.0156 3236 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
11:53:34.0156 3236 C:\WINDOWS\system32\eappprxy.dll - ok
11:53:34.0156 3236 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
11:53:34.0156 3236 C:\WINDOWS\system32\wiaservc.dll - ok
11:53:34.0156 3236 [ 31C7EEDD61B9E30D71A06823B1D47D99 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccSet.dll
11:53:34.0156 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccSet.dll - ok
11:53:34.0171 3236 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
11:53:34.0171 3236 C:\WINDOWS\system32\srsvc.dll - ok
11:53:34.0171 3236 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
11:53:34.0171 3236 C:\WINDOWS\system32\mscms.dll - ok
11:53:34.0171 3236 [ CB9F764240ACF9D32A8671186E73BFA8 ] C:\Program Files\Norton 360\Engine\3.0.0.135\IPSPlug.dll
11:53:34.0171 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\IPSPlug.dll - ok
11:53:34.0187 3236 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
11:53:34.0187 3236 C:\WINDOWS\system32\powrprof.dll - ok
11:53:34.0187 3236 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
11:53:34.0187 3236 C:\WINDOWS\system32\tapisrv.dll - ok
11:53:34.0187 3236 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
11:53:34.0187 3236 C:\WINDOWS\system32\trkwks.dll - ok
11:53:34.0203 3236 [ 49D74E6730C1BA1B1FDA6DDAB6FCB287 ] C:\Program Files\Norton 360\Engine\3.0.0.135\QSPlugin.dll
11:53:34.0203 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\QSPlugin.dll - ok
11:53:34.0203 3236 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
11:53:34.0203 3236 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
11:53:34.0203 3236 [ E73CD03FF7DF50B694F20C285F1B9E4A ] C:\Program Files\Norton 360\Engine\3.0.0.135\IPSFFPl.dll
11:53:34.0203 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\IPSFFPl.dll - ok
11:53:34.0218 3236 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
11:53:34.0218 3236 C:\WINDOWS\system32\vssapi.dll - ok
11:53:34.0218 3236 [ 4879E276476659691AF909969A3A3793 ] C:\Program Files\Norton 360\Engine\3.0.0.135\uiPerfsv.dll
11:53:34.0218 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\uiPerfsv.dll - ok
11:53:34.0218 3236 [ 698F7784B818CBD80F340A36378A6515 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.dll
11:53:34.0218 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.dll - ok
11:53:34.0234 3236 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
11:53:34.0234 3236 C:\WINDOWS\system32\browser.dll - ok
11:53:34.0234 3236 [ E97D6A8684466DF94FF3BC24FB787A07 ] C:\WINDOWS\system32\fxssvc.exe
11:53:34.0234 3236 C:\WINDOWS\system32\fxssvc.exe - ok
11:53:34.0234 3236 [ 330238346EB90DF8583E6F36B122ACA9 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccJobMgr.dll
11:53:34.0234 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccJobMgr.dll - ok
11:53:34.0250 3236 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
11:53:34.0250 3236 C:\WINDOWS\system32\comsvcs.dll - ok
11:53:34.0250 3236 [ 1144EF6B4BB72E33B41912AE1AE4F97A ] C:\WINDOWS\system32\fxstiff.dll
11:53:34.0250 3236 C:\WINDOWS\system32\fxstiff.dll - ok
11:53:34.0250 3236 [ D263A70D29C32B19F92A4B9E2C416993 ] C:\Program Files\Norton 360\Engine\3.0.0.135\FWCore.dll
11:53:34.0250 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\FWCore.dll - ok
11:53:34.0265 3236 [ 7E1F7455E1A4D41305D862B63066016A ] C:\Program Files\Norton 360\Engine\3.0.0.135\htec.dll
11:53:34.0265 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\htec.dll - ok
11:53:34.0265 3236 [ 0329D0A4F230094B669A87BB3B85606E ] C:\WINDOWS\system32\fxsapi.dll
11:53:34.0265 3236 C:\WINDOWS\system32\fxsapi.dll - ok
11:53:34.0265 3236 [ DBA1C8EB28550778DB6C9E9D2CEAD0E7 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccGEvt.dll
11:53:34.0265 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccGEvt.dll - ok
11:53:34.0281 3236 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
11:53:34.0281 3236 C:\WINDOWS\system32\shfolder.dll - ok
11:53:34.0281 3236 [ 0CE5F8AE9C371A965D17E3F2ED134809 ] C:\WINDOWS\system32\fxst30.dll
11:53:34.0281 3236 C:\WINDOWS\system32\fxst30.dll - ok
11:53:34.0281 3236 [ 66FECE9CFD43E78CE10FEE0DABE8E594 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ncwTrust.dll
11:53:34.0281 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ncwTrust.dll - ok
11:53:34.0296 3236 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
11:53:34.0296 3236 C:\WINDOWS\system32\colbact.dll - ok
11:53:34.0296 3236 [ 2D583E2844FDD592D1629EB6B10E5702 ] C:\WINDOWS\system32\fxsroute.dll
11:53:34.0296 3236 C:\WINDOWS\system32\fxsroute.dll - ok
11:53:34.0296 3236 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
11:53:34.0296 3236 C:\WINDOWS\system32\mtxclu.dll - ok
11:53:34.0312 3236 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
11:53:34.0312 3236 C:\WINDOWS\system32\clusapi.dll - ok
11:53:34.0312 3236 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
11:53:34.0312 3236 C:\WINDOWS\system32\resutils.dll - ok
11:53:34.0312 3236 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
11:53:34.0312 3236 C:\WINDOWS\system32\unimdm.tsp - ok
11:53:34.0328 3236 [ 6A473B625E465946F73FB2C24412656C ] C:\WINDOWS\system32\snmpmib.dll
11:53:34.0328 3236 C:\WINDOWS\system32\snmpmib.dll - ok
11:53:34.0328 3236 [ 14390243E43F290A61B0B1FB3602DC4F ] C:\WINDOWS\system32\evntagnt.dll
11:53:34.0328 3236 C:\WINDOWS\system32\evntagnt.dll - ok
11:53:34.0328 3236 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
11:53:34.0328 3236 C:\WINDOWS\system32\actxprxy.dll - ok
11:53:34.0343 3236 [ 384DA6A9C70889F01B99888C5E07072C ] C:\WINDOWS\system32\igmpagnt.dll
11:53:34.0343 3236 C:\WINDOWS\system32\igmpagnt.dll - ok
11:53:34.0343 3236 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
11:53:34.0343 3236 C:\WINDOWS\system32\uniplat.dll - ok
11:53:34.0343 3236 [ 93F02F396720478C656D65ECFB65A497 ] C:\WINDOWS\system32\mcastmib.dll
11:53:34.0343 3236 C:\WINDOWS\system32\mcastmib.dll - ok
11:53:34.0359 3236 [ D022E59E6F132660B2D7E66D41FFB341 ] C:\WINDOWS\system32\rtipxmib.dll
11:53:34.0359 3236 C:\WINDOWS\system32\rtipxmib.dll - ok
11:53:34.0359 3236 [ 2B6485A470C2A6870384ABAA4B422944 ] C:\Program Files\Norton 360\Engine\3.0.0.135\AVPSVC32.dll
11:53:34.0359 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\AVPSVC32.dll - ok
11:53:34.0359 3236 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
11:53:34.0359 3236 C:\WINDOWS\system32\unimdmat.dll - ok
11:53:34.0375 3236 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
11:53:34.0375 3236 C:\WINDOWS\system32\modemui.dll - ok
11:53:34.0375 3236 [ 1E5B4D9F66D8ED2A35052B7FAE9A6963 ] C:\Program Files\Norton 360\Engine\3.0.0.135\BHSvcPlg.dll
11:53:34.0375 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\BHSvcPlg.dll - ok
11:53:34.0375 3236 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
11:53:34.0375 3236 C:\WINDOWS\system32\kmddsp.tsp - ok
11:53:34.0390 3236 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
11:53:34.0390 3236 C:\WINDOWS\system32\ndptsp.tsp - ok
11:53:34.0390 3236 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
11:53:34.0390 3236 C:\WINDOWS\system32\ipconf.tsp - ok
11:53:34.0390 3236 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
11:53:34.0390 3236 C:\WINDOWS\system32\h323.tsp - ok
11:53:34.0406 3236 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
11:53:34.0406 3236 C:\WINDOWS\system32\hidphone.tsp - ok
11:53:34.0406 3236 [ A87C52789ED7D36C4CAF5340E0358687 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccGLog.dll
11:53:34.0406 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccGLog.dll - ok
11:53:34.0406 3236 [ A8A25EEBE9FBA92B3EE1A43709F72688 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccSubEng.dll
11:53:34.0406 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccSubEng.dll - ok
11:53:34.0421 3236 [ 9A01A61538BE59EF25D89644C7F90A52 ] C:\Program Files\Norton 360\Engine\3.0.0.135\SNDSvc.dll
11:53:34.0421 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\SNDSvc.dll - ok
11:53:34.0421 3236 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
11:53:34.0421 3236 C:\WINDOWS\system32\netman.dll - ok
11:53:34.0421 3236 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
11:53:34.0421 3236 C:\WINDOWS\system32\wzcsapi.dll - ok
11:53:34.0437 3236 [ C78CC5E2E17860045E22FE8F61F06869 ] C:\Program Files\Norton 360\Engine\3.0.0.135\coSvcPlg.dll
11:53:34.0437 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\coSvcPlg.dll - ok
11:53:34.0437 3236 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
11:53:34.0437 3236 C:\WINDOWS\system32\cabinet.dll - ok
11:53:34.0437 3236 [ F448058AF3992F98393C0312D07F3CA9 ] C:\Program Files\Norton 360\Engine\3.0.0.135\isDataPr.dll
11:53:34.0437 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\isDataPr.dll - ok
11:53:34.0453 3236 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
11:53:34.0453 3236 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
11:53:34.0453 3236 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
11:53:34.0453 3236 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
11:53:34.0453 3236 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
11:53:34.0453 3236 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
11:53:34.0468 3236 [ 1CD8CC50AFBFB549EE5F612E49A957CD ] C:\Program Files\Norton 360\Engine\3.0.0.135\cltLMC.dll
11:53:34.0468 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\cltLMC.dll - ok
11:53:34.0468 3236 [ F8A198706093B1571524ED469C6DF77F ] C:\Program Files\Norton 360\Engine\3.0.0.135\ISDataSv.dll
11:53:34.0468 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ISDataSv.dll - ok
11:53:34.0468 3236 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
11:53:34.0468 3236 C:\WINDOWS\system32\wbem\esscli.dll - ok
11:53:34.0484 3236 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
11:53:34.0484 3236 C:\WINDOWS\system32\wbem\fastprox.dll - ok
11:53:34.0484 3236 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
11:53:34.0484 3236 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
11:53:34.0484 3236 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
11:53:34.0484 3236 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
11:53:34.0500 3236 [ 92733BDD66E3DD6FBA49FC35F2BA2B07 ] C:\Program Files\Norton 360\Engine\3.0.0.135\FWGenPlg.dll
11:53:34.0500 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\FWGenPlg.dll - ok
11:53:34.0500 3236 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
11:53:34.0500 3236 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
11:53:34.0500 3236 [ 1F67C6B8E3482852FB6B0D9A882544A6 ] C:\Program Files\Norton 360\Engine\3.0.0.135\CLTLMS.DLL
11:53:34.0500 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\CLTLMS.DLL - ok
11:53:34.0515 3236 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
11:53:34.0515 3236 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
11:53:34.0515 3236 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
11:53:34.0515 3236 C:\WINDOWS\system32\wbem\wbemess.dll - ok
11:53:34.0515 3236 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
11:53:34.0515 3236 C:\WINDOWS\system32\netcfgx.dll - ok
11:53:34.0531 3236 [ 44686354EFCC55B93F32A24FA350670E ] C:\Program Files\Norton 360\Engine\3.0.0.135\buSvc.dll
11:53:34.0531 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\buSvc.dll - ok
11:53:34.0531 3236 [ D87324CD5130301752E596C7B58E9DD3 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
11:53:34.0531 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll - ok
11:53:34.0531 3236 [ 6C9E233AE3C1209D0CAE5011B76B349D ] C:\Program Files\Norton 360\Engine\3.0.0.135\SymRdrSv.dll
11:53:34.0531 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\SymRdrSv.dll - ok
11:53:34.0546 3236 [ 7EDCA94504D79ECBAFDF3831EE17DAD4 ] C:\Program Files\Norton 360\Engine\3.0.0.135\buComm.dll
11:53:34.0546 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\buComm.dll - ok
11:53:34.0546 3236 [ F58AE94D6A5A103DEBFED7FF907A1655 ] C:\Program Files\Norton 360\Engine\3.0.0.135\BuEng.dll
11:53:34.0546 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\BuEng.dll - ok
11:53:34.0546 3236 [ 2603D8246A770B93D3907DA5791A9AB4 ] C:\Program Files\Norton 360\Engine\3.0.0.135\FWHelper.dll
11:53:34.0546 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\FWHelper.dll - ok
11:53:34.0562 3236 [ 21B6446EF6A8DF4A9C024154360ABCEB ] C:\Program Files\Norton 360\Engine\3.0.0.135\tuDataPr.dll
11:53:34.0562 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\tuDataPr.dll - ok
11:53:34.0562 3236 [ 217514872D0BEE98F100F2C252B2F0C6 ] C:\Program Files\Norton 360\Engine\3.0.0.135\cltLMJ.dll
11:53:34.0562 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\cltLMJ.dll - ok
11:53:34.0562 3236 [ 60079BFD9891F5A147108022BB80C5C4 ] C:\Program Files\Norton 360\Engine\3.0.0.135\AppMgr32.dll
11:53:34.0562 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\AppMgr32.dll - ok
11:53:34.0578 3236 [ 077F067C69073D1EBC84984E7FE5BA44 ] C:\WINDOWS\system32\msjetoledb40.dll
11:53:34.0578 3236 C:\WINDOWS\system32\msjetoledb40.dll - ok
11:53:34.0578 3236 [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll
11:53:34.0578 3236 C:\WINDOWS\system32\msjet40.dll - ok
11:53:34.0578 3236 [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll
11:53:34.0578 3236 C:\WINDOWS\system32\mswstr10.dll - ok
11:53:34.0578 3236 [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll
11:53:34.0578 3236 C:\WINDOWS\system32\msjint40.dll - ok
11:53:34.0593 3236 [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll
11:53:34.0593 3236 C:\WINDOWS\system32\msjter40.dll - ok
11:53:34.0593 3236 [ 51DB3C6D14050D9C8B2D664AA3E0B223 ] C:\Program Files\Norton 360\Engine\3.0.0.135\hncore.dll
11:53:34.0593 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\hncore.dll - ok
11:53:34.0593 3236 [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
11:53:34.0593 3236 C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
11:53:34.0609 3236 [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll
11:53:34.0609 3236 C:\WINDOWS\system32\msdart.dll - ok
11:53:34.0609 3236 [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
11:53:34.0609 3236 C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
11:53:34.0625 3236 [ E5DE87DDDB8CBE4687EADF296E58452A ] C:\WINDOWS\system32\msjtes40.dll
11:53:34.0625 3236 C:\WINDOWS\system32\msjtes40.dll - ok
11:53:34.0625 3236 [ 83DB86773E674FC687B0E0A4CC7AD06E ] C:\Program Files\Norton 360\Engine\3.0.0.135\AVModule.dll
11:53:34.0625 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\AVModule.dll - ok
11:53:34.0625 3236 [ CAFBD14F56A68E6C1A55C0EAC7E487FA ] C:\WINDOWS\system32\vbajet32.dll
11:53:34.0625 3236 C:\WINDOWS\system32\vbajet32.dll - ok
11:53:34.0640 3236 [ BE87245CE60329B31C94F1B4236E5832 ] C:\WINDOWS\system32\expsrv.dll
11:53:34.0640 3236 C:\WINDOWS\system32\expsrv.dll - ok
11:53:34.0640 3236 [ 70792AA7397178B531B6E86E81D243F8 ] C:\Program Files\Norton 360\Engine\3.0.0.135\DefUtDCD.dll
11:53:34.0640 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\DefUtDCD.dll - ok
11:53:34.0640 3236 [ 2EB3F0E7A7119F944B4CE3E7048EA8E0 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ducclib.dll
11:53:34.0640 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ducclib.dll - ok
11:53:34.0656 3236 [ BCB130B60977616B0173D6B374FCAF38 ] C:\Program Files\Norton 360\Engine\3.0.0.135\FWSetup.dll
11:53:34.0656 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\FWSetup.dll - ok
11:53:34.0656 3236 [ 32D5CE6D98124772FF377ADC252EB989 ] C:\Program Files\Norton 360\Engine\3.0.0.135\AVifc.dll
11:53:34.0656 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\AVifc.dll - ok
11:53:34.0656 3236 [ D572D48CA47B33B49BBA9A7BC5CB45C6 ] C:\WINDOWS\system32\drivers\N360\0300000.087\srtsp.sys
11:53:34.0656 3236 C:\WINDOWS\system32\drivers\N360\0300000.087\srtsp.sys - ok
11:53:34.0671 3236 [ 494C4EBFEE40BAAFF49492B97ABAF18C ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVENG.SYS
11:53:34.0671 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVENG.SYS - ok
11:53:34.0671 3236 [ F4A95D6D20767A5F1F2B2FED261A1B23 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVEX15.SYS
11:53:34.0671 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVEX15.SYS - ok
11:53:34.0671 3236 [ CF3F12C91381DE04F91B12DFFBC1FC3B ] C:\Program Files\Norton 360\Engine\3.0.0.135\BHClient.dll
11:53:34.0671 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\BHClient.dll - ok
11:53:34.0687 3236 [ 467CFC0FE895D9FD08B27188CDE02063 ] C:\Program Files\Java\jre7\bin\awt.dll
11:53:34.0687 3236 C:\Program Files\Java\jre7\bin\awt.dll - ok
11:53:34.0687 3236 [ 95AC512898A8E9F0E76740EB259E4C31 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
11:53:34.0687 3236 C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
11:53:34.0687 3236 [ 87E6543D1CB0D386AC7AC287828E5B07 ] C:\Program Files\Java\jre7\bin\dcpr.dll
11:53:34.0703 3236 C:\Program Files\Java\jre7\bin\dcpr.dll - ok
11:53:34.0703 3236 [ 21F53789F627FF735F54E17BDA1DFD81 ] C:\Program Files\Java\jre7\bin\deploy.dll
11:53:34.0703 3236 C:\Program Files\Java\jre7\bin\deploy.dll - ok
11:53:34.0703 3236 [ 28661294ADE35EF4170615FD43A8A406 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
11:53:34.0703 3236 C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
11:53:34.0718 3236 [ 1E15EAF07C548430B88620AAFD75EB6A ] C:\Program Files\Java\jre7\bin\java.dll
11:53:34.0718 3236 C:\Program Files\Java\jre7\bin\java.dll - ok
11:53:34.0718 3236 [ A8F3C0659931724881347F586730827C ] C:\Program Files\Java\jre7\bin\javaw.exe
11:53:34.0718 3236 C:\Program Files\Java\jre7\bin\javaw.exe - ok
11:53:34.0718 3236 [ 567E9566ABB3590D5AABA395E76CE6BD ] C:\Program Files\Java\jre7\bin\jp2native.dll
11:53:34.0718 3236 C:\Program Files\Java\jre7\bin\jp2native.dll - ok
11:53:34.0734 3236 [ 0A93AD186EDBAFA06F60712C16063AC6 ] C:\Program Files\Java\jre7\bin\jpeg.dll
11:53:34.0734 3236 C:\Program Files\Java\jre7\bin\jpeg.dll - ok
11:53:34.0734 3236 [ CFFAD68E72DD41D207CBD0A77956989E ] C:\Program Files\Java\jre7\bin\net.dll
11:53:34.0734 3236 C:\Program Files\Java\jre7\bin\net.dll - ok
11:53:34.0734 3236 [ 96257A7FB009579DE9DC3A58D626BB47 ] C:\Program Files\Java\jre7\bin\nio.dll
11:53:34.0734 3236 C:\Program Files\Java\jre7\bin\nio.dll - ok
11:53:34.0750 3236 [ F613C1A517B04533C6DA1813200E2A95 ] C:\Program Files\Java\jre7\bin\verify.dll
11:53:34.0750 3236 C:\Program Files\Java\jre7\bin\verify.dll - ok
11:53:34.0750 3236 [ CFDBFCD763E3612E41E198D6AA3CB09A ] C:\Program Files\Java\jre7\bin\zip.dll
11:53:34.0750 3236 C:\Program Files\Java\jre7\bin\zip.dll - ok
11:53:34.0750 3236 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
11:53:34.0750 3236 C:\WINDOWS\system32\termsrv.dll - ok
11:53:34.0750 3236 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
11:53:34.0765 3236 C:\WINDOWS\system32\icaapi.dll - ok
11:53:34.0765 3236 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
11:53:34.0765 3236 C:\WINDOWS\system32\mstlsapi.dll - ok
11:53:34.0765 3236 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
11:53:34.0765 3236 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
11:53:34.0765 3236 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
11:53:34.0765 3236 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
11:53:34.0781 3236 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
11:53:34.0781 3236 C:\WINDOWS\system32\wbem\framedyn.dll - ok
11:53:34.0781 3236 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
11:53:34.0781 3236 C:\WINDOWS\system32\wbem\ncprov.dll - ok
11:53:34.0781 3236 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
11:53:34.0781 3236 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
11:53:34.0796 3236 [ 0824409AF6DEABA61515F8BAB582C344 ] C:\Program Files\Norton 360\Engine\3.0.0.135\QBackup.dll
11:53:34.0796 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\QBackup.dll - ok
11:53:34.0796 3236 [ C363D87771F935A42D94088D6605EF35 ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccScanw.dll
11:53:34.0796 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccScanw.dll - ok
11:53:34.0796 3236 [ 67F5A45225F4A322E96CEE25825A512D ] C:\Program Files\Norton 360\Engine\3.0.0.135\ecmldr32.DLL
11:53:34.0796 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ecmldr32.DLL - ok
11:53:34.0812 3236 [ 5A606338E6AB1532C9F124E79401235B ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\ECMSVR32.DLL
11:53:34.0812 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\ECMSVR32.DLL - ok
11:53:34.0812 3236 [ D4A356DDC1566FC6AC3901AF59343943 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVEX32A.DLL
11:53:34.0812 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVEX32A.DLL - ok
11:53:34.0812 3236 [ B837604F9058492659D3EFEFD4CDE576 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVENG32.DLL
11:53:34.0828 3236 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVENG32.DLL - ok
11:53:34.0828 3236 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
11:53:34.0828 3236 C:\WINDOWS\system32\cscui.dll - ok
11:53:34.0828 3236 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
11:53:34.0828 3236 C:\WINDOWS\system32\wdmaud.drv - ok
11:53:34.0828 3236 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
11:53:34.0828 3236 C:\WINDOWS\system32\dpcdll.dll - ok
11:53:34.0843 3236 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
11:53:34.0843 3236 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
11:53:34.0843 3236 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
11:53:34.0843 3236 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
11:53:34.0843 3236 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
11:53:34.0843 3236 C:\WINDOWS\system32\drivers\splitter.sys - ok
11:53:34.0859 3236 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
11:53:34.0859 3236 C:\WINDOWS\system32\drivers\aec.sys - ok
11:53:34.0859 3236 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
11:53:34.0859 3236 C:\WINDOWS\system32\drivers\swmidi.sys - ok
11:53:34.0859 3236 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
11:53:34.0859 3236 C:\WINDOWS\system32\drivers\dmusic.sys - ok
11:53:34.0875 3236 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
11:53:34.0875 3236 C:\WINDOWS\system32\drivers\kmixer.sys - ok
11:53:34.0875 3236 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
11:53:34.0875 3236 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
11:53:34.0875 3236 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
11:53:34.0875 3236 C:\WINDOWS\system32\msacm32.drv - ok
11:53:34.0890 3236 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
11:53:34.0890 3236 C:\WINDOWS\system32\midimap.dll - ok
11:53:34.0890 3236 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
11:53:34.0890 3236 C:\WINDOWS\system32\userinit.exe - ok
11:53:34.0890 3236 [ 480A97A55E986FA4733282D67737FAF8 ] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe
11:53:34.0890 3236 C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv\hphswemj.exe - ok
11:53:34.0906 3236 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
11:53:34.0906 3236 C:\WINDOWS\explorer.exe - ok
11:53:34.0906 3236 [ DEFEE5DEDD20C1E15532E88D5A4F7C96 ] C:\WINDOWS\system32\browseui.dll
11:53:34.0906 3236 C:\WINDOWS\system32\browseui.dll - ok
11:53:34.0906 3236 [ EE3D4A02B56AD18B03682D5DFDD8B675 ] C:\Program Files\Norton 360\Engine\3.0.0.135\uiHost.dll
11:53:34.0906 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\uiHost.dll - ok
11:53:34.0921 3236 [ 347D72819DC7C2DF99D1341789EE35D1 ] C:\Program Files\Norton 360\Engine\3.0.0.135\NPCTray.dll
11:53:34.0921 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\NPCTray.dll - ok
11:53:34.0921 3236 [ 5E283C987ED4BB42323A3C722EEBC081 ] C:\WINDOWS\system32\shdocvw.dll
11:53:34.0921 3236 C:\WINDOWS\system32\shdocvw.dll - ok
11:53:34.0921 3236 [ 30DB64D316F502558DB2380F7343C9FD ] C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
11:53:34.0921 3236 C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL - ok
11:53:34.0937 3236 [ DE80F207541590504C9864927D066444 ] C:\Program Files\Norton 360\Engine\3.0.0.135\AVPAPP32.dll
11:53:34.0937 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\AVPAPP32.dll - ok
11:53:34.0937 3236 [ 5E8E177B249403D7440897BE52BCB22D ] C:\Program Files\Norton 360\Engine\3.0.0.135\coDataPr.dll
11:53:34.0937 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\coDataPr.dll - ok
11:53:34.0937 3236 [ 207204AF80505AF51271FE164B56F662 ] C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll
11:53:34.0937 3236 C:\PROGRA~1\MICROS~3\Office12\GrooveUtil.dll - ok
11:53:34.0953 3236 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll
11:53:34.0953 3236 C:\PROGRA~1\MICROS~3\Office12\GrooveNew.dll - ok
11:53:34.0953 3236 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
11:53:34.0953 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
11:53:34.0953 3236 [ 9D0F65AD5072B0D47834D0EE565481D0 ] C:\Program Files\Norton 360\Engine\3.0.0.135\buUIPlg.dll
11:53:34.0953 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\buUIPlg.dll - ok
11:53:34.0968 3236 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
11:53:34.0968 3236 C:\WINDOWS\system32\linkinfo.dll - ok
11:53:34.0968 3236 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
11:53:34.0968 3236 C:\WINDOWS\system32\ntshrui.dll - ok
11:53:34.0968 3236 [ 7CF9D3AA52A37360C0A5248EB6FE28CB ] C:\Program Files\Norton 360\Engine\3.0.0.135\buDataCl.dll
11:53:34.0968 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\buDataCl.dll - ok
11:53:34.0984 3236 [ 2D76FA608442A1290C6B57A472D9B355 ] C:\Program Files\Norton 360\Engine\3.0.0.135\buShell.dll
11:53:34.0984 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\buShell.dll - ok
11:53:34.0984 3236 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
11:53:34.0984 3236 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
11:53:34.0984 3236 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
11:53:34.0984 3236 C:\WINDOWS\system32\msxml3.dll - ok
11:53:35.0000 3236 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
11:53:35.0000 3236 C:\WINDOWS\system32\desk.cpl - ok
11:53:35.0000 3236 [ CB7BCD4A27C33EBDF9483D6E2F5D9E07 ] C:\Program Files\Norton 360\Engine\3.0.0.135\asOEHook.dll
11:53:35.0000 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\asOEHook.dll - ok
11:53:35.0000 3236 [ D5DB352C4C78FA8D42CD15A1E664B0AD ] C:\Program Files\Norton 360\Engine\3.0.0.135\buProv.dll
11:53:35.0000 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\buProv.dll - ok
11:53:35.0015 3236 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
11:53:35.0015 3236 C:\WINDOWS\system32\themeui.dll - ok
11:53:35.0015 3236 [ 07217D31B6B8CD10B8262468A8C4132B ] C:\Program Files\Norton 360\Engine\3.0.0.135\ccEmlPxy.dll
11:53:35.0015 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\ccEmlPxy.dll - ok
11:53:35.0015 3236 [ AD968A4F84266A45218F9EEE13ACA6C6 ] C:\Program Files\Norton 360\Engine\3.0.0.135\gwrks32.dll
11:53:35.0015 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\gwrks32.dll - ok
11:53:35.0031 3236 [ 537B0E1ECFD2F0A64FBAB6EA7CE4E6D6 ] C:\Program Files\Norton 360\Engine\3.0.0.135\cltAlDis.dll
11:53:35.0031 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\cltAlDis.dll - ok
11:53:35.0031 3236 [ FFE3354DF3D2A5BFBF33D759E6A3D764 ] C:\Program Files\Norton 360\MUI\3.0.0.135\09\01\cltRes.loc
11:53:35.0031 3236 C:\Program Files\Norton 360\MUI\3.0.0.135\09\01\cltRes.loc - ok
11:53:35.0031 3236 [ 818B229E35867F8A3762C904132F591F ] C:\Program Files\Norton 360\Engine\3.0.0.135\gearaw32.dll
11:53:35.0031 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\gearaw32.dll - ok
11:53:35.0046 3236 [ E85908D7BB6F7046C7FD59E2CC32C29D ] C:\Program Files\Norton 360\Engine\3.0.0.135\FWSesAl.dll
11:53:35.0046 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\FWSesAl.dll - ok
11:53:35.0046 3236 [ 8F05FCBEC57D43C22699303188844B84 ] C:\Program Files\Norton 360\Engine\3.0.0.135\SymRedir.dll
11:53:35.0046 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\SymRedir.dll - ok
11:53:35.0046 3236 [ 2416DDB0AE088267B5DB46014568CB6D ] C:\Program Files\Norton 360\Engine\3.0.0.135\AcctMgr.dll
11:53:35.0046 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\AcctMgr.dll - ok
11:53:35.0062 3236 [ BC87DB4759083525F96A159861670C5E ] C:\WINDOWS\system32\dinput.dll
11:53:35.0062 3236 C:\WINDOWS\system32\dinput.dll - ok
11:53:35.0062 3236 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
11:53:35.0062 3236 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
11:53:35.0062 3236 [ 8B942E97D4DF65FF8E57ECA7FF6ECFDF ] C:\Program Files\Norton 360\Engine\3.0.0.135\asFilter.dll
11:53:35.0062 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\asFilter.dll - ok
11:53:35.0078 3236 [ 8CF2C0FA49D3C5EB89F592681ED5AF2B ] C:\Program Files\Norton 360\Engine\3.0.0.135\asUniPlg.dll
11:53:35.0078 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\asUniPlg.dll - ok
11:53:35.0078 3236 [ 5C284E12F47826E8C866C1511F8CF751 ] C:\Program Files\Norton 360\Engine\3.0.0.135\SDKCmn.dll
11:53:35.0078 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\SDKCmn.dll - ok
11:53:35.0078 3236 [ 9ECB910CEBED1BDB3C49EE32F28A02F6 ] C:\Program Files\Norton 360\Engine\3.0.0.135\uiAlert.dll
11:53:35.0078 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\uiAlert.dll - ok
11:53:35.0078 3236 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
11:53:35.0093 3236 C:\WINDOWS\system32\sensapi.dll - ok
11:53:35.0093 3236 [ 6FB63A18B17ECD20EA750AA5171BF6D0 ] C:\Program Files\Norton 360\Engine\3.0.0.135\AVMail.dll
11:53:35.0093 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\AVMail.dll - ok
11:53:35.0093 3236 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
11:53:35.0093 3236 C:\WINDOWS\system32\cmd.exe - ok
11:53:35.0093 3236 [ CE5BC065C74C0A49486664CF71E0CA0A ] C:\WINDOWS\system32\ieframe.dll
11:53:35.0093 3236 C:\WINDOWS\system32\ieframe.dll - ok
11:53:35.0109 3236 [ 7680E0CD53431674A64041FE4EF2A822 ] C:\Program Files\Norton 360\Engine\3.0.0.135\NPC360ui.dll
11:53:35.0109 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\NPC360ui.dll - ok
11:53:35.0109 3236 [ 4EAE2778C47FE91182D363D3F50C9CD0 ] C:\Program Files\Norton 360\Engine\3.0.0.135\cltui.dll
11:53:35.0109 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\cltui.dll - ok
11:53:35.0109 3236 [ E75C509B314543C974E00EF34158102F ] C:\Program Files\Norton 360\Engine\3.0.0.135\SymHTML.dll
11:53:35.0125 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\SymHTML.dll - ok
11:53:35.0125 3236 [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
11:53:35.0125 3236 C:\WINDOWS\system32\usp10.dll - ok
11:53:35.0125 3236 [ ED1F8A0A8F8AAF1ADD8F78D4B2037D70 ] C:\Program Files\Norton 360\Engine\3.0.0.135\isPwd.dll
11:53:35.0125 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\isPwd.dll - ok
11:53:35.0125 3236 [ 480A97A55E986FA4733282D67737FAF8 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe
11:53:35.0140 3236 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\yucnygos.exe - ok
11:53:35.0140 3236 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\46579EB7-3E3E-413E-A997-2CB755A84DAD.exe
11:53:35.0140 3236 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\46579EB7-3E3E-413E-A997-2CB755A84DAD.exe - ok
11:53:35.0140 3236 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
11:53:35.0140 3236 C:\WINDOWS\system32\msutb.dll - ok
11:53:35.0140 3236 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
11:53:35.0140 3236 C:\WINDOWS\system32\msctf.dll - ok
11:53:35.0156 3236 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
11:53:35.0156 3236 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
11:53:35.0156 3236 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
11:53:35.0156 3236 C:\WINDOWS\system32\verclsid.exe - ok
11:53:35.0156 3236 [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
11:53:35.0156 3236 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
11:53:35.0171 3236 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\48060029.sys
11:53:35.0171 3236 C:\WINDOWS\system32\drivers\48060029.sys - ok
11:53:35.0171 3236 [ 9583183A032C85706B81B92A25C5B331 ] C:\WINDOWS\RTHDCPL.exe
11:53:35.0171 3236 C:\WINDOWS\RTHDCPL.exe - ok
11:53:35.0171 3236 [ 469690B9702F02AF087EA52B3B843202 ] C:\WINDOWS\SOUNDMAN.EXE
11:53:35.0171 3236 C:\WINDOWS\SOUNDMAN.EXE - ok
11:53:35.0187 3236 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
11:53:35.0187 3236 C:\WINDOWS\system32\upnp.dll - ok
11:53:35.0187 3236 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
11:53:35.0187 3236 C:\WINDOWS\system32\ssdpapi.dll - ok
11:53:35.0187 3236 [ 439231898C6FDC13996AE3D733D00FBA ] C:\WINDOWS\system32\CTHELPER.EXE
11:53:35.0187 3236 C:\WINDOWS\system32\CTHELPER.EXE - ok
11:53:35.0203 3236 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
11:53:35.0203 3236 C:\WINDOWS\system32\drivers\http.sys - ok
11:53:35.0203 3236 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
11:53:35.0203 3236 C:\WINDOWS\system32\ssdpsrv.dll - ok
11:53:35.0203 3236 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll
11:53:35.0203 3236 C:\WINDOWS\system32\mmcshext.dll - ok
11:53:35.0218 3236 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll
11:53:35.0218 3236 C:\WINDOWS\system32\hhsetup.dll - ok
11:53:35.0218 3236 [ 897C26D149F4750FAF8666727DD5DD0A ] C:\WINDOWS\ALCWZRD.EXE
11:53:35.0218 3236 C:\WINDOWS\ALCWZRD.EXE - ok
11:53:35.0218 3236 [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
11:53:35.0218 3236 C:\WINDOWS\system32\mfc42.dll - ok
11:53:35.0234 3236 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
11:53:35.0234 3236 C:\WINDOWS\system32\rundll32.exe - ok
11:53:35.0234 3236 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
11:53:35.0234 3236 C:\WINDOWS\system32\mlang.dll - ok
11:53:35.0234 3236 [ 310F1E8A0781887BA1C217448C0E4D48 ] C:\WINDOWS\SMINST\Recguard.exe
11:53:35.0234 3236 C:\WINDOWS\SMINST\Recguard.exe - ok
11:53:35.0250 3236 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
11:53:35.0250 3236 C:\WINDOWS\system32\rasmans.dll - ok
11:53:35.0250 3236 [ D77E83743B07121B1D3941FD80375662 ] C:\WINDOWS\system32\SiSPower.dll
11:53:35.0250 3236 C:\WINDOWS\system32\SiSPower.dll - ok
11:53:35.0250 3236 [ F3602B83B2312450C7036F7419F39618 ] C:\WINDOWS\system32\CTDCIFCE.DLL
11:53:35.0250 3236 C:\WINDOWS\system32\CTDCIFCE.DLL - ok
11:53:35.0265 3236 [ C1254C0B3641A3B3D8A5306AF9AE0638 ] C:\WINDOWS\system32\CTDC0001.DLL
11:53:35.0265 3236 C:\WINDOWS\system32\CTDC0001.DLL - ok
11:53:35.0265 3236 [ 25CF0DAE6043D8167B813ED7CDE5C76E ] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe
11:53:35.0265 3236 C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe - ok
11:53:35.0265 3236 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
11:53:35.0265 3236 C:\WINDOWS\system32\rastapi.dll - ok
11:53:35.0281 3236 [ 9819C4F68686E9FE1D62DD0D4767DDD5 ] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
11:53:35.0281 3236 C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe - ok
11:53:35.0281 3236 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
11:53:35.0281 3236 C:\WINDOWS\system32\oledlg.dll - ok
11:53:35.0281 3236 [ 064B932A02A18A8E223CBD925EF5314C ] C:\WINDOWS\system32\CTOSUSER.DLL
11:53:35.0281 3236 C:\WINDOWS\system32\CTOSUSER.DLL - ok
11:53:35.0296 3236 [ 4A95F15B706B8FD9EC8715B6401EAB7B ] C:\hp\KBD\kbd.exe
11:53:35.0296 3236 C:\hp\KBD\kbd.exe - ok
11:53:35.0296 3236 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll
11:53:35.0296 3236 C:\WINDOWS\system32\olepro32.dll - ok
11:53:35.0296 3236 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
11:53:35.0296 3236 C:\WINDOWS\system32\dsound.dll - ok
11:53:35.0312 3236 [ 2DDB0DBBC15C7B4F586E4F9DAEB3ADBD ] C:\WINDOWS\system32\CTDPROXY.DLL
11:53:35.0312 3236 C:\WINDOWS\system32\CTDPROXY.DLL - ok
11:53:35.0312 3236 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
11:53:35.0312 3236 C:\WINDOWS\system32\webcheck.dll - ok
11:53:35.0312 3236 [ D00FEBB84F3CE9CF310340D15EEE8EA1 ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
11:53:35.0312 3236 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok
11:53:35.0328 3236 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
11:53:35.0328 3236 C:\WINDOWS\system32\stobject.dll - ok
11:53:35.0328 3236 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
11:53:35.0328 3236 C:\WINDOWS\system32\batmeter.dll - ok
11:53:35.0328 3236 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
11:53:35.0328 3236 C:\WINDOWS\system32\hhctrl.ocx - ok
11:53:35.0343 3236 [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
11:53:35.0343 3236 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
11:53:35.0343 3236 [ F68A3F0D63BE926ED65ED1C8C5B03A3D ] C:\hp\KBD\LED.DLL
11:53:35.0343 3236 C:\hp\KBD\LED.DLL - ok
11:53:35.0343 3236 [ 51AD048199C49AA40FF318235D2B08CA ] C:\hp\KBD\USB.DLL
11:53:35.0343 3236 C:\hp\KBD\USB.DLL - ok
11:53:35.0359 3236 [ FE528A46F46602F1BB8F4F216C39C357 ] C:\hp\KBD\MSG.DLL
11:53:35.0359 3236 C:\hp\KBD\MSG.DLL - ok
11:53:35.0359 3236 [ 94F6FEC3F5C5532F264FFE05709DE767 ] C:\hp\KBD\PS2.DLL
11:53:35.0359 3236 C:\hp\KBD\PS2.DLL - ok
11:53:35.0359 3236 [ 2E4933748178F6D7BD09BA5F38FE044E ] C:\hp\KBD\OSD.DLL
11:53:35.0359 3236 C:\hp\KBD\OSD.DLL - ok
11:53:35.0375 3236 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
11:53:35.0375 3236 C:\WINDOWS\system32\mydocs.dll - ok
11:53:35.0375 3236 [ 3C73C6447195D2006802F4FF452496A7 ] C:\hp\KBD\SCT.DLL
11:53:35.0375 3236 C:\hp\KBD\SCT.DLL - ok
11:53:35.0375 3236 [ 7DAD1668B146685818C5504791FD15BC ] C:\hp\KBD\AOL.DLL
11:53:35.0375 3236 C:\hp\KBD\AOL.DLL - ok
11:53:35.0390 3236 [ AB529AB0BFD476644A6DB2357C98D1D5 ] C:\hp\KBD\ONL.DLL
11:53:35.0390 3236 C:\hp\KBD\ONL.DLL - ok
11:53:35.0390 3236 [ 0BAD09C25D37F7BD06D8ED06801BD9BC ] C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
11:53:35.0390 3236 C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll - ok
11:53:35.0390 3236 [ 0E280A4A6805A752F30F2981D6C4603C ] C:\hp\KBD\URL.DLL
11:53:35.0390 3236 C:\hp\KBD\URL.DLL - ok
11:53:35.0406 3236 [ 261E5E3602941656A1442B255C936B9E ] C:\hp\KBD\CFG.DLL
11:53:35.0406 3236 C:\hp\KBD\CFG.DLL - ok
11:53:35.0406 3236 [ 7EFEAE0CF20BA66E053A850DAD34D3A8 ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
11:53:35.0406 3236 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok
11:53:35.0406 3236 [ 60DB5561F7B646FA217E9EA6561E6705 ] C:\hp\KBD\MSIKBDIF.DLL
11:53:35.0406 3236 C:\hp\KBD\MSIKBDIF.DLL - ok
11:53:35.0421 3236 [ A25950E73E569469A4DF9DDE7399E1CD ] C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll
11:53:35.0421 3236 C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.dll - ok
11:53:35.0421 3236 [ 585992D78B671AAA075C02241309795D ] C:\WINDOWS\system32\msvcirt.dll
11:53:35.0421 3236 C:\WINDOWS\system32\msvcirt.dll - ok
11:53:35.0421 3236 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
11:53:35.0421 3236 C:\WINDOWS\system32\rasppp.dll - ok
11:53:35.0437 3236 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
11:53:35.0437 3236 C:\WINDOWS\system32\ntlsapi.dll - ok
11:53:35.0437 3236 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
11:53:35.0437 3236 C:\WINDOWS\system32\rasqec.dll - ok
11:53:35.0437 3236 [ A6D351093F75D16C574DB31CDF736153 ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\obfaabiv.sys
11:53:35.0437 3236 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\obfaabiv.sys - ok
11:53:35.0453 3236 [ 0617536C5EDAF36F301BD2B04C05E30F ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll
11:53:35.0453 3236 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok
11:53:35.0453 3236 [ 48F8A82001B13193B38FB00179C927D0 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
11:53:35.0453 3236 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok
11:53:35.0453 3236 [ 480A97A55E986FA4733282D67737FAF8 ] C:\Documents and Settings\Compaq_Owner\ytyucuYT
11:53:35.0453 3236 C:\Documents and Settings\Compaq_Owner\ytyucuYT - ok
11:53:35.0468 3236 [ D6F934A361D7F0BE8271673988D4E7FD ] C:\WINDOWS\temp\7fffffb1
11:53:35.0468 3236 C:\WINDOWS\temp\7fffffb1 - ok
11:53:35.0468 3236 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
11:53:35.0468 3236 C:\WINDOWS\system32\imapi.exe - ok
11:53:35.0468 3236 [ 480A97A55E986FA4733282D67737FAF8 ] C:\Documents and Settings\Compaq_Owner\1CeYHfG
11:53:35.0468 3236 C:\Documents and Settings\Compaq_Owner\1CeYHfG - ok
11:53:35.0484 3236 [ 75563FF603C40F0A5486750E0C486CC2 ] C:\Program Files\Nokia\Nokia PC Suite 7\PCSL.dll
11:53:35.0484 3236 C:\Program Files\Nokia\Nokia PC Suite 7\PCSL.dll - ok
11:53:35.0484 3236 [ 73DD6940DCCB252489CE5C4EF8CDA075 ] C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.NLR
11:53:35.0484 3236 C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.NLR - ok
11:53:35.0484 3236 [ F2699D792A0D3079E9B2EE7F6F7C62AF ] C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR
11:53:35.0484 3236 C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.NGR - ok
11:53:35.0500 3236 [ 8BBBADA96FFE1449EDD39256EDA99CD8 ] C:\WINDOWS\system32\igfxtray.exe
11:53:35.0500 3236 C:\WINDOWS\system32\igfxtray.exe - ok
11:53:35.0500 3236 [ A687C458B80C7D55CBE39649D952ED2A ] C:\WINDOWS\system32\PortableDeviceTypes.dll
11:53:35.0500 3236 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
11:53:35.0500 3236 [ 5B120AC95451AF137981C1BC13978806 ] C:\WINDOWS\system32\hccutils.dll
11:53:35.0500 3236 C:\WINDOWS\system32\hccutils.dll - ok
11:53:35.0515 3236 [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\PortableDeviceApi.dll
11:53:35.0515 3236 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
11:53:35.0515 3236 [ 06A1ECB63DF139EC639E084D4AB3C9D7 ] C:\WINDOWS\system\hpsysdrv.exe
11:53:35.0515 3236 C:\WINDOWS\system\hpsysdrv.exe - ok
11:53:35.0515 3236 [ 480A97A55E986FA4733282D67737FAF8 ] C:\WINDOWS\system32\ytyucuYT
11:53:35.0515 3236 C:\WINDOWS\system32\ytyucuYT - ok
11:53:35.0531 3236 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
11:53:35.0531 3236 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
11:53:35.0531 3236 [ E7BE65BF79906AEBC698E077D53F6A1C ] C:\WINDOWS\AGRSMMSG.exe
11:53:35.0531 3236 C:\WINDOWS\AGRSMMSG.exe - ok
11:53:35.0531 3236 [ 707C0C5D9BE7163182227470E9CD3C9A ] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe
11:53:35.0531 3236 C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe - ok
11:53:35.0546 3236 [ A4DF135D9CBE77CD3F6E272558C2B907 ] C:\WINDOWS\system32\nvcpl.dll
11:53:35.0546 3236 C:\WINDOWS\system32\nvcpl.dll - ok
11:53:35.0546 3236 [ 62CE6A1F613BD445459D592FDE4AFE14 ] C:\WINDOWS\system32\nwiz.exe
11:53:35.0546 3236 C:\WINDOWS\system32\nwiz.exe - ok
11:53:35.0546 3236 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll
11:53:35.0546 3236 C:\WINDOWS\system32\icmp.dll - ok
11:53:35.0562 3236 [ 8F1BEC962E5A6F572CD4ADD1CC916055 ] C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll
11:53:35.0562 3236 C:\Program Files\Belkin\F5D8055\v2\BelkinwcuiDLL.dll - ok
11:53:35.0562 3236 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
11:53:35.0562 3236 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
11:53:35.0562 3236 [ A919B6966EAD441E2C4D39112C427A4F ] C:\Program Files\Belkin\F5D8055\v2\PCARmDrv.exe
11:53:35.0562 3236 C:\Program Files\Belkin\F5D8055\v2\PCARmDrv.exe - ok
11:53:35.0578 3236 [ 75EF99EC95884BF97EE054F3B97898FC ] C:\WINDOWS\system32\nview.dll
11:53:35.0578 3236 C:\WINDOWS\system32\nview.dll - ok
11:53:35.0578 3236 [ 4E03322DB729B41AF2C362300DD5576E ] C:\WINDOWS\system32\nvmctray.dll
11:53:35.0578 3236 C:\WINDOWS\system32\nvmctray.dll - ok
11:53:35.0578 3236 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
11:53:35.0578 3236 C:\WINDOWS\system32\rasdlg.dll - ok
11:53:35.0578 3236 [ 65A9495A436F5402BC1C467E1B926C27 ] C:\WINDOWS\winhlp32.exe
11:53:35.0578 3236 C:\WINDOWS\winhlp32.exe - ok
11:53:35.0593 3236 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
11:53:35.0593 3236 C:\WINDOWS\system32\riched32.dll - ok
11:53:35.0593 3236 [ 60D0647A2DC2D397B84D0AFB0808F85D ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
11:53:35.0593 3236 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
11:53:35.0593 3236 [ 8024D3127CEF94313F1EF7BFF08E3CE8 ] C:\WINDOWS\system32\nvapi.dll
11:53:35.0593 3236 C:\WINDOWS\system32\nvapi.dll - ok
11:53:35.0609 3236 [ 69EE0CB3B05F619EFF7E46F978BBFEEA ] C:\WINDOWS\system32\asycfilt.dll
11:53:35.0609 3236 C:\WINDOWS\system32\asycfilt.dll - ok
11:53:35.0609 3236 [ 83DA953296B2D7CEE69B89F867C574D6 ] C:\WINDOWS\system32\nvwddi.dll
11:53:35.0609 3236 C:\WINDOWS\system32\nvwddi.dll - ok
11:53:35.0609 3236 [ FEF1E65F151B1EC74A83597FD65BAC4F ] C:\Program Files\Belkin\F5D8055\v2\BelkinHWStatus.dll
11:53:35.0609 3236 C:\Program Files\Belkin\F5D8055\v2\BelkinHWStatus.dll - ok
11:53:35.0625 3236 [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe
11:53:35.0625 3236 C:\WINDOWS\system32\dumprep.exe - ok
11:53:35.0625 3236 [ 744AE70A13159554BE527CB3409AD604 ] C:\WINDOWS\system32\nvdisps.dll
11:53:35.0625 3236 C:\WINDOWS\system32\nvdisps.dll - ok
11:53:35.0625 3236 [ F34E7705751BB413283434697BF8E55D ] C:\Program Files\DAEMON Tools Lite\DTLite.exe
11:53:35.0625 3236 C:\Program Files\DAEMON Tools Lite\DTLite.exe - ok
11:53:35.0640 3236 [ 0B254D63A581F93247A1A3D44DB903BB ] C:\WINDOWS\system32\igfxdev.dll
11:53:35.0640 3236 C:\WINDOWS\system32\igfxdev.dll - ok
11:53:35.0640 3236 [ C7144387E236687F8FB3F26FC845A822 ] C:\Program Files\Pando Networks\Media Booster\PMB.exe
11:53:35.0640 3236 C:\Program Files\Pando Networks\Media Booster\PMB.exe - ok
11:53:35.0640 3236 [ 9385BD61B365DE7CF9AF3290B7D5A3B9 ] C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll
11:53:35.0640 3236 C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll - ok
11:53:35.0656 3236 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
11:53:35.0656 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll - ok
11:53:35.0656 3236 [ 87672FD8B10E0E3D6098799CAFF04C3D ] C:\Program Files\DAEMON Tools Lite\DTLiteUI.dll
11:53:35.0656 3236 C:\Program Files\DAEMON Tools Lite\DTLiteUI.dll - ok
11:53:35.0656 3236 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll
11:53:35.0656 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\mfc80ENU.dll - ok
11:53:35.0671 3236 [ 4C5E139FAB02BEE58EDC88E1512110FB ] C:\Program Files\Pando Networks\Media Booster\nspr4.dll
11:53:35.0671 3236 C:\Program Files\Pando Networks\Media Booster\nspr4.dll - ok
11:53:35.0671 3236 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
11:53:35.0671 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
11:53:35.0671 3236 [ 5716DD3DEC01F5D185A2EAC81D4078F3 ] C:\Program Files\DAEMON Tools Lite\Engine.dll
11:53:35.0671 3236 C:\Program Files\DAEMON Tools Lite\Engine.dll - ok
11:53:35.0687 3236 [ 80A44106AC048D325B4F667B24DE1E40 ] C:\Program Files\Pando Networks\Media Booster\plc4.dll
11:53:35.0687 3236 C:\Program Files\Pando Networks\Media Booster\plc4.dll - ok
11:53:35.0687 3236 [ 63DA5CAD540EF9074ED25DAFF40FC299 ] C:\Program Files\Pando Networks\Media Booster\BugSplat.dll
11:53:35.0687 3236 C:\Program Files\Pando Networks\Media Booster\BugSplat.dll - ok
11:53:35.0687 3236 [ 871F979D70414C900B35E56222932DAF ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
11:53:35.0687 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll - ok
11:53:35.0703 3236 [ 4D03CA609E68F4C90CF66515218017F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
11:53:35.0703 3236 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll - ok
11:53:35.0703 3236 [ CBFA0B98EFBEB31D5B98C5BFB918328F ] C:\Program Files\Pando Networks\Media Booster\nss3.dll
11:53:35.0703 3236 C:\Program Files\Pando Networks\Media Booster\nss3.dll - ok
11:53:35.0718 3236 [ 63C5640C22ED06766B7EDD04ABE76287 ] C:\Program Files\Pando Networks\Media Booster\softokn3.dll
11:53:35.0718 3236 C:\Program Files\Pando Networks\Media Booster\softokn3.dll - ok
11:53:35.0718 3236 [ DCF946D365991221DFDD5DB29C4BFDF7 ] C:\Program Files\Pando Networks\Media Booster\plds4.dll
11:53:35.0718 3236 C:\Program Files\Pando Networks\Media Booster\plds4.dll - ok
11:53:35.0718 3236 [ B4AF61BDA9D4C58FB9B67B9759A98205 ] C:\Program Files\Pando Networks\Media Booster\ssl3.dll
11:53:35.0718 3236 C:\Program Files\Pando Networks\Media Booster\ssl3.dll - ok
11:53:35.0718 3236 [ 6A5ED595E0CAD51DDE2DA14EDC8F4BFF ] C:\Program Files\Pando Networks\Media Booster\smime3.dll
11:53:35.0734 3236 C:\Program Files\Pando Networks\Media Booster\smime3.dll - ok
11:53:35.0734 3236 [ C6836EE046D2E383672DAF40694046F7 ] C:\Program Files\DAEMON Tools Lite\imgengine.dll
11:53:35.0734 3236 C:\Program Files\DAEMON Tools Lite\imgengine.dll - ok
11:53:35.0734 3236 [ D2AF7A30E4B7BA1C743F0DCE11E04B5E ] C:\Program Files\Pando Networks\Media Booster\freebl3.dll
11:53:35.0734 3236 C:\Program Files\Pando Networks\Media Booster\freebl3.dll - ok
11:53:35.0734 3236 [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll
11:53:35.0750 3236 C:\WINDOWS\system32\perfproc.dll - ok
11:53:35.0750 3236 [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINDOWS\system32\perfctrs.dll
11:53:35.0750 3236 C:\WINDOWS\system32\perfctrs.dll - ok
11:53:35.0750 3236 [ 3EF0D0D0B361EF979671C3F0A67AB8A9 ] C:\Program Files\Norton 360\Engine\3.0.0.135\IMCfg.dll
11:53:35.0750 3236 C:\Program Files\Norton 360\Engine\3.0.0.135\IMCfg.dll - ok
11:53:35.0750 3236 [ 731F22BA402EE4B62748ADAF6363C182 ] C:\WINDOWS\system32\drivers\ipfltdrv.sys
11:53:35.0750 3236 C:\WINDOWS\system32\drivers\ipfltdrv.sys - ok
11:53:35.0765 3236 [ 90A9B542C9300E540864D9FE1C42A130 ] C:\WINDOWS\system32\fxsst.dll
11:53:35.0765 3236 C:\WINDOWS\system32\fxsst.dll - ok
11:53:35.0765 3236 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
11:53:35.0765 3236 C:\WINDOWS\system32\cryptnet.dll - ok
11:53:35.0765 3236 [ B48E7B4C95CCE0C6C0C3F7B1A97FBC8F ] C:\WINDOWS\system32\wzcdlg.dll
11:53:35.0765 3236 C:\WINDOWS\system32\wzcdlg.dll - ok
11:53:35.0781 3236 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
11:53:35.0781 3236 C:\WINDOWS\system32\ntlanman.dll - ok
11:53:35.0781 3236 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
11:53:35.0781 3236 C:\WINDOWS\system32\netui0.dll - ok
11:53:35.0781 3236 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
11:53:35.0781 3236 C:\WINDOWS\system32\netui1.dll - ok
11:53:35.0796 3236 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
11:53:35.0796 3236 C:\WINDOWS\system32\drprov.dll - ok
11:53:35.0796 3236 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
11:53:35.0796 3236 C:\WINDOWS\system32\davclnt.dll - ok
11:53:35.0796 3236 [ F5CF984927625B23757C83B0E3AACFA9 ] C:\WINDOWS\system32\wbem\wmiadap.exe
11:53:35.0796 3236 C:\WINDOWS\system32\wbem\wmiadap.exe - ok
11:53:35.0812 3236 [ 6358C181BF021970A897C1FAB0ECF5D2 ] C:\WINDOWS\system32\loadperf.dll
11:53:35.0812 3236 C:\WINDOWS\system32\loadperf.dll - ok
11:53:35.0812 3236 [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll
11:53:35.0812 3236 C:\WINDOWS\system32\wbem\wmiprov.dll - ok
11:53:35.0812 3236 [ EB7494ECFE01B70B83E781EEB8F88C8A ] C:\WINDOWS\system32\wbem\wmiapres.dll
11:53:35.0812 3236 C:\WINDOWS\system32\wbem\wmiapres.dll - ok
11:53:35.0828 3236 [ F3370C98F4981EDA6036689D298E67B9 ] C:\WINDOWS\system32\browselc.dll
11:53:35.0828 3236 C:\WINDOWS\system32\browselc.dll - ok
11:53:35.0828 3236 [ 0B7D7D73E1BE7B8742B1EBFA3D4DCC49 ] C:\WINDOWS\system32\WpdShext.dll
11:53:35.0828 3236 C:\WINDOWS\system32\WpdShext.dll - ok
11:53:35.0828 3236 [ 1899415F4E5BD55FB9486A4B20E45D6A ] C:\WINDOWS\system32\audiodev.dll
11:53:35.0828 3236 C:\WINDOWS\system32\audiodev.dll - ok
11:53:35.0843 3236 [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\WMVCore.dll
11:53:35.0843 3236 C:\WINDOWS\system32\WMVCore.dll - ok
11:53:35.0843 3236 [ C77A18954C448DD9F87585247851501A ] C:\WINDOWS\system32\WMASF.dll
11:53:35.0843 3236 C:\WINDOWS\system32\WMASF.dll - ok
11:53:35.0843 3236 [ BF67AC2C1F41BE892B98E9B8E91C0CB8 ] C:\WINDOWS\system32\wiashext.dll
11:53:35.0843 3236 C:\WINDOWS\system32\wiashext.dll - ok
11:53:35.0859 3236 [ 3CAEAE7608F1BD7BA873A3B02895B106 ] C:\WINDOWS\system32\sti.dll
11:53:35.0859 3236 C:\WINDOWS\system32\sti.dll - ok
11:53:35.0859 3236 [ 5E28284F9B5F9097640D58A73D38AD4C ] C:\WINDOWS\system32\notepad.exe
11:53:35.0859 3236 C:\WINDOWS\system32\notepad.exe - ok
11:53:35.0859 3236 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe
11:53:35.0859 3236 C:\Documents and Settings\Compaq_Owner\Desktop\TDSSKiller.exe - ok
11:53:35.0875 3236 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\79418468.sys
11:53:35.0875 3236 C:\WINDOWS\system32\drivers\79418468.sys - ok
11:53:35.0875 3236 ============================================================
11:53:35.0875 3236 Scan finished
11:53:35.0875 3236 ============================================================
11:53:35.0984 3548 Detected object count: 17
11:53:35.0984 3548 Actual detected object count: 17
11:53:48.0796 3548 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0796 3548 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0796 3548 ctac32k ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0796 3548 ctac32k ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0796 3548 ctdvda2k ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0796 3548 ctdvda2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0796 3548 ctprxy2k ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0796 3548 ctprxy2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0796 3548 ctsfm2k ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0796 3548 ctsfm2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 emupia ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0812 3548 emupia ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 ha10kx2k ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0812 3548 ha10kx2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 hap16v2k ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0812 3548 hap16v2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0812 3548 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0812 3548 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0812 3548 PCTINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 PCTWPASV ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0812 3548 PCTWPASV ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0812 3548 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0828 3548 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0828 3548 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0828 3548 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0828 3548 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:53:48.0828 3548 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:53:48.0828 3548 USBCM ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0828 3548 USBCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:53:48.0828 3548 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:53:48.0828 3548 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#37
Nedklaw
Posted 24 November 2012 - 04:44 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)


Step 1

Download AVPTool from here to your desktop.

Run the programme you have just downloaded to your desktop (it will be randomly named).


First we will run a virus scan

Click the cog in the upper right.

Posted Image


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan.

Posted Image

Allow AVP to delete all infections found.
Once it has finished select report tab (last tab).
Select Detected threads report from the left and press Save button.
Save it to your desktop and attach to your next post.


Now the Analysis

Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information.

Posted Image


On completion click the link to locate the zip file to upload and attach to your next post.

Posted Image


Things I want to see in your next reply

  • AVPTool report
  • avptool_sysinfo.zip
  • 0

#38
younggeeza
Posted 25 November 2012 - 05:14 AM

younggeeza

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Oh god. Estimated automatic scan time is 1 day. EDIT - will take over 30 hours at this rate.

So far it's found lots of Nimnul.e and at least 1 file infected with Bublik. The Bublik file was one of the yucygnos type name files. Still a long way to go.

About 10% into the scan i was prompted by the tool to perform a special disinfection tool to remove the Bublik virus. I said yes and then after a few seconds the tool popped up. Soon after i was prompted with a windows message with the red X.

'KBD.EXE - Bad Image'
'The application or DLL C:\WINDOWS\symstem32\psapi.dll is not a valid Windows image. Please check this against your installation diskette.'

The removal tool prompt has now come up at least 4 times but every time the scan continues, it still finds copies of Bublik. I'm going to click skip this time because I'm still only at 15% in the scan.

Argh it stopped overnight because it can't delete anything in System Volume Information because apparently the object cannot be found. I Also have an application error for dwwin.exe saying it failed to initialise properly (0xc0000142)...After i clicked ok the virus scanner crashed. When I tried to reopen it - 'Error - Write error in the file skin\images\resfile.png. Probably the disk is full". Wouldn't let me reopen the scanner because it was repeatedly saying for each file that there was a write error and that the disk is probably full. It doesn't appear to be full.

Restarted pc. The installation completed and then days long scan has started all over again...............

----------------------------------------------------

Ok so the 2nd attempt scan has finally come to an end. First time round it got through about 30% before it closed itself and had found something like 2000 threats. This second time round it's found just over 500. Also apologies if the running commentary is difficult to follow. Figured you might get something important out of it.

----------------------------------------------------

All the info including what was in the zip that was created is in the zip I've added. There was also a HUUUUUGE log which has so much text in that I was certain you wouldn't want it. Also I'm worried this virus could jump via my USB to my laptop from my PC. Any chance of that happening?

Attached Files


Edited by younggeeza, 26 November 2012 - 02:30 PM.

  • 0

#39
Nedklaw
Posted 28 November 2012 - 07:02 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
There is no indication in your logs that the malware could jump onto your USB. You can use the following tool though to be safe:

  • Please download Panda USB Vaccine (you must provide a valid e-mail and they will send you a download link to this e-mail address) to your desktop.
  • Install and run the program.
    • Double-click on the file USBVaccine.zip located on your desktop.
    • A file viewer will open. Double-click on the file USBVaccineSetup.exe. Please select Yes if you are asked if you want to allow the program to make changes to the computer.
    • Follow the steps on screen to install the program on your computer.
  • Plug in your USB drive and click on Vaccinate USB and Vaccinate Computer.

I am currently reviewing your report from AVP and should get back to you soon.
  • 0

#40
Nedklaw
Posted 01 December 2012 - 06:30 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
AVP seems to have removed a lot of stuff.

  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

Things I want to see in your next reply

  • OTL.txt
  • 0

Advertisements

#41
younggeeza
Posted 04 December 2012 - 12:31 PM

younggeeza

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
OTL logfile created on: 04/12/2012 18:06:06 - Run 17
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 78.95% Memory free
4.84 Gb Paging File | 4.41 Gb Available in Paging File | 91.28% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.93 Gb Total Space | 91.87 Gb Free Space | 40.13% Space Free | Partition Type: NTFS
Drive D: | 3.94 Gb Total Space | 1.06 Gb Free Space | 26.94% Space Free | Partition Type: FAT32
Drive E: | 372.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive M: | 59.74 Gb Total Space | 51.56 Gb Free Space | 86.32% Space Free | Partition Type: FAT32

Computer Name: SILVER-LIGHTNIN | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/18 14:10:26 | 000,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
PRC - [2012/10/22 10:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2012/09/04 09:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/03 02:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2010/04/01 09:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/29 01:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 00:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/30 13:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe
PRC - [2003/09/04 10:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/03 02:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2007/04/02 12:49:20 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/11/18 14:10:26 | 000,115,560 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe -- (N360)
SRV - [2012/10/26 23:41:49 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/04 09:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/09/27 19:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/11/06 20:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2004/01/30 13:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) [Auto | Running] -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe -- (PCTWPASV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Safe Returner\RegKernelHelp.sys -- (RegKernelHelp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\el90xbc5.sys -- (EL90XBC)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Nedklaw\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (anobi22m)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aify6nv9)
DRV - [2012/11/18 14:10:39 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/11/18 14:10:29 | 000,876,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/11/18 14:10:29 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\SymEFA.sys -- (SymEFA)
DRV - [2012/11/18 14:10:29 | 000,307,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\srtsp.sys -- (SRTSP)
DRV - [2012/11/18 14:10:29 | 000,217,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\symtdi.sys -- (SYMTDI)
DRV - [2012/11/18 14:10:29 | 000,089,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\symfw.sys -- (SYMFW)
DRV - [2012/11/18 14:10:29 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090226.034\NAVENG.SYS -- (NAVENG)
DRV - [2012/11/18 14:10:29 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\srtspx.sys -- (SRTSPX)
DRV - [2012/11/18 14:10:29 | 000,037,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\symndis.sys -- (SYMNDIS)
DRV - [2012/11/18 14:10:29 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2012/11/18 14:10:29 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2012/11/18 14:10:29 | 000,034,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\symids.sys -- (SYMIDS)
DRV - [2012/11/18 14:10:28 | 000,482,352 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\cchpx86.sys -- (ccHP)
DRV - [2012/11/18 14:10:28 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/11/18 14:10:28 | 000,276,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.sys -- (IDSxpx86)
DRV - [2012/11/18 14:10:28 | 000,258,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0300000.087\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/11/18 14:10:28 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/02 06:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 06:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 06:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/01/04 13:58:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/03 23:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/01/21 07:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/09/26 09:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 09:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 09:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 09:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/06/06 09:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 07:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 07:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 07:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 18:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/06 20:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/01/25 16:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 22:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 10:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/07/29 20:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/06/10 18:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm1K.sys -- (USBCM)
DRV - [2004/01/29 22:29:04 | 000,350,282 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTELSAP.SYS -- (PRISM_A00)
DRV - [2004/01/15 12:15:06 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2003/11/13 18:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003/11/13 18:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003/11/13 18:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003/11/13 17:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003/11/13 17:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003/11/13 17:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HA10KX2K.SYS -- (ha10kx2k)
DRV - [2003/11/12 20:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTDVDA2K.SYS -- (ctdvda2k)
DRV - [2003/09/19 01:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/04 10:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920)
DRV - [2003/07/18 16:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/10/04 17:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 22:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 12:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}


IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 82 4B 6E 8F 86 CD 01 [binary data]
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{A344D54B-1871-43A7-8EC5-E567C418D4C8}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.soa-clan.info/forum/"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledAddons: [email protected]:0.801
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 22:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/26 23:41:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/25 17:09:18 | 000,000,000 | ---D | M]

[2009/02/11 17:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/02/11 17:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/23 17:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions
[2009/05/03 15:33:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/06/27 20:04:08 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/04/03 12:24:58 | 000,004,234 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/10/18 13:26:19 | 000,239,323 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/07/26 17:01:55 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/04 17:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/26 23:41:50 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 00:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/10/14 07:39:03 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/14 07:39:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 07:39:03 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/14 07:39:03 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 07:39:03 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/10/14 07:39:03 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/11/20 13:02:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.0.0.135\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.0.0.135\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.135\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.135\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [NortonUpdateAgent] C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\_uninst_85013881.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293940326812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231289923359 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F5F5DF-B133-4572-8941-3304DFB16406}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.0.0.135\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 08:35:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | --S- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2008/08/29 18:44:56 | 000,000,130 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/25 10:39:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/11/20 12:47:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/11/20 12:47:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/11/20 12:47:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/11/20 12:47:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/11/20 12:44:37 | 005,004,421 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\Nedklaw.exe
[2012/11/18 14:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/11/18 14:10:45 | 000,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2012/11/18 14:10:39 | 000,124,464 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/11/18 14:10:39 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/11/18 14:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/11/18 14:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/11/18 14:10:29 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymEFA.sys
[2012/11/18 14:10:29 | 000,307,760 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtsp.sys
[2012/11/18 14:10:29 | 000,217,392 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symtdi.sys
[2012/11/18 14:10:29 | 000,089,776 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symfw.sys
[2012/11/18 14:10:29 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtspx.sys
[2012/11/18 14:10:29 | 000,039,984 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symndisv.sys
[2012/11/18 14:10:29 | 000,037,296 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symndis.sys
[2012/11/18 14:10:29 | 000,034,736 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symids.sys
[2012/11/18 14:10:28 | 000,482,352 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\cchpx86.sys
[2012/11/18 14:10:28 | 000,258,608 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\BHDrvx86.sys
[2012/11/18 14:09:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2012/11/18 14:09:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0300000.087
[2012/11/18 14:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2012/11/18 14:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/11/18 14:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2012/11/18 14:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
[2012/11/18 14:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2012/11/18 14:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/11/18 14:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/11/18 14:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2012/11/18 14:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/18 13:59:59 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/11/18 13:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/11/18 13:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv
[2012/11/18 11:40:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Owner\IECompatCache
[2012/11/18 09:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Symantec

========== Files - Modified Within 30 Days ==========

[2012/12/04 18:13:13 | 000,001,940 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/12/04 18:05:47 | 000,511,978 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/04 18:05:47 | 000,091,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/04 18:05:10 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/12/04 18:04:58 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/12/04 18:03:46 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/04 17:54:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/04 17:54:16 | 3220,557,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/26 18:15:00 | 000,116,257 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.htm
[2012/11/26 18:15:00 | 000,042,622 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.xml
[2012/11/25 10:41:47 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\_uninst_85013881.lnk
[2012/11/25 10:31:44 | 145,382,264 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\setup_11.0.0.1245.x01_2012_11_25_13_38.exe
[2012/11/20 13:02:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/11/20 12:59:43 | 000,723,974 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\Cat.DB
[2012/11/20 12:44:02 | 005,004,421 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\Nedklaw.exe
[2012/11/18 14:10:39 | 000,124,464 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/11/18 14:10:39 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/11/18 14:10:39 | 000,007,386 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/11/18 14:10:39 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/11/18 14:10:33 | 000,001,917 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/11/18 14:10:29 | 000,310,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymEFA.sys
[2012/11/18 14:10:29 | 000,307,760 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtsp.sys
[2012/11/18 14:10:29 | 000,217,392 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symtdi.sys
[2012/11/18 14:10:29 | 000,089,776 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symfw.sys
[2012/11/18 14:10:29 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtspx.sys
[2012/11/18 14:10:29 | 000,039,984 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symndisv.sys
[2012/11/18 14:10:29 | 000,037,296 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symndis.sys
[2012/11/18 14:10:29 | 000,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2012/11/18 14:10:29 | 000,034,736 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\symids.sys
[2012/11/18 14:10:28 | 000,482,352 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\cchpx86.sys
[2012/11/18 14:10:28 | 000,258,608 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0300000.087\BHDrvx86.sys
[2012/11/18 14:10:08 | 000,003,373 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymEFA.inf
[2012/11/18 14:10:08 | 000,001,753 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\ccHPx86.inf
[2012/11/18 14:10:08 | 000,001,528 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymNet.inf
[2012/11/18 14:10:08 | 000,001,389 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtspx.inf
[2012/11/18 14:10:08 | 000,001,383 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtsp.inf
[2012/11/18 14:10:08 | 000,000,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\BHDrvx86.inf
[2012/11/18 14:10:08 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\isolate.ini
[2012/11/18 14:09:55 | 000,009,423 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymNet.cat
[2012/11/18 14:09:55 | 000,007,410 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymEFA.cat
[2012/11/18 14:09:55 | 000,007,372 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtspx.cat
[2012/11/18 14:09:55 | 000,007,355 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtsp.cat
[2012/11/18 14:09:54 | 000,007,364 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\BHDrvx86.CAT
[2012/11/18 14:09:54 | 000,007,347 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\ccHPx86.cat
[2012/11/18 14:00:00 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/18 09:14:00 | 000,000,282 | RHS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2012/12/04 18:13:13 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/12/04 18:08:08 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/11/26 18:29:27 | 000,116,257 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.htm
[2012/11/26 18:29:27 | 000,042,622 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.xml
[2012/11/25 10:41:46 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\_uninst_85013881.lnk
[2012/11/25 10:40:15 | 145,382,264 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\setup_11.0.0.1245.x01_2012_11_25_13_38.exe
[2012/11/20 12:47:27 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/11/20 12:47:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/11/20 12:47:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/11/20 12:47:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/11/20 12:47:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/11/18 14:11:14 | 000,723,974 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\Cat.DB
[2012/11/18 14:10:39 | 000,007,386 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/11/18 14:10:39 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/11/18 14:10:33 | 000,001,917 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/11/18 14:10:08 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymEFA.inf
[2012/11/18 14:10:08 | 000,001,753 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\ccHPx86.inf
[2012/11/18 14:10:08 | 000,001,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymNet.inf
[2012/11/18 14:10:08 | 000,001,389 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtspx.inf
[2012/11/18 14:10:08 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtsp.inf
[2012/11/18 14:10:08 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\BHDrvx86.inf
[2012/11/18 14:10:08 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\isolate.ini
[2012/11/18 14:09:55 | 000,009,423 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymNet.cat
[2012/11/18 14:09:55 | 000,007,410 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\SymEFA.cat
[2012/11/18 14:09:55 | 000,007,372 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtspx.cat
[2012/11/18 14:09:55 | 000,007,355 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\srtsp.cat
[2012/11/18 14:09:54 | 000,007,364 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\BHDrvx86.CAT
[2012/11/18 14:09:54 | 000,007,347 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0300000.087\ccHPx86.cat
[2012/11/18 14:00:00 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/22 19:39:59 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_cl_runescape_LIVE.dat
[2012/07/06 00:47:14 | 000,000,976 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/09/15 02:25:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/26 17:43:55 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Gangsters2Setup.lnk
[2011/01/02 06:13:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/02 05:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/01/02 05:31:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/01/02 05:31:22 | 000,005,116 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/01/02 05:31:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT2870.bin
[2010/12/31 11:33:13 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/12/31 06:57:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/12/31 04:18:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/31 04:14:52 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Hp.ini
[2010/12/31 04:14:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/12/27 01:18:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/27 01:18:42 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/27 01:18:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/23 23:37:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/09/07 05:18:13 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss
[2009/06/05 04:29:51 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences.dat
[2009/01/17 08:23:28 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/13 12:44:01 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys
[2009/01/06 22:08:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/01/01 08:53:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/11/01 20:35:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 00:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Intervideo
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2009/09/09 16:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\BitTorrent
[2009/06/15 14:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools
[2009/06/15 14:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Lite
[2009/06/15 14:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Pro
[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Intervideo
[2010/07/02 14:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Nokia
[2010/07/02 14:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\PC Suite
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\SampleView
[2011/07/17 12:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Sports Interactive
[2009/03/29 14:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\The Creative Assembly
[2012/08/30 09:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\USMA
[2012/04/02 03:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/04 13:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/09 16:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/01/07 00:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/02 00:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/03/14 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/02 14:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/11/18 14:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2012/10/28 14:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/12/19 18:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeReturner
[2011/01/04 14:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/01/10 06:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/01/07 00:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/11/18 14:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/07/08 03:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2009/01/07 16:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2011/01/04 14:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/01/07 16:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2012/07/23 18:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DDMSettings
[2009/06/24 23:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/02 05:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2009/01/08 01:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/04/23 20:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2011/07/03 11:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolClient
[2012/06/27 13:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolMatches Client
[2009/01/07 00:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2009/01/07 00:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2012/09/04 13:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QuickScan
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2012/04/04 16:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SoftChalk
[2011/04/16 18:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sports Interactive
[2009/06/25 18:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer
[2009/03/23 17:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\The Creative Assembly
[2011/08/21 09:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TS3Client
[2009/01/10 06:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ubisoft
[2012/08/28 22:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\USMA
[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

========== Purity Check ==========



< End of report >
  • 0

#42
Nedklaw
Posted 06 December 2012 - 05:29 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
How is your system running? Are you experiencing any problems?


Step 1

If you have the paid version of Malwarebytes 1.6 or later installed, please disable it for the duration of this run.

To disable MBAM

Open the scanner and select the Protection tab.
Remove the tick from Start protection module with Windows.
Reboot and then run OTL.

Posted Image


Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following: 

    :Commands 
[CREATERESTOREPOINT] 

:OTL 
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (anobi22m)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aify6nv9)
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2012/11/18 13:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv

:Files
ipconfig /flushdns /c

:Commands
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • If no log appears upon reboot, the OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Posted Image
  • Run Malwarebytes' Anti-Malware.
  • Update Malwarebytes' Anti-Malware.
  • Once the program has updated, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note).
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 3

Please run a free online scan with the ESET Online Scanner.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start.
  • When asked, allow the ActiveX control to install.
  • Click Start.
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked.
  • Click Scan. (This scan can take several hours, so please be patient).
  • Once the scan is completed, you may close the window.
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Things I want to see in your next reply

  • Answers to my questions
  • OTL Fix Log
  • OTL.txt
  • MBAM Log
  • log.txt
  • 0

#43
younggeeza
Posted 09 December 2012 - 03:19 AM

younggeeza

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
When I log in - 'Error - Unable to locate the file: C:\Program Files\Belkin\F5D8055\v2\brdcm2k.dll'

Other than that, everything seems ok - but then again I haven't connected it back onto the internet yet.

Fix results coming up. I clicked on the side of the screen after I started the fix and the screen froze pretty quickly. Will leave pc running for a while and see if anything happens - if not I'll turn it off and on again.


------

Pc freezes when I click fix - the same as before. Lol, I left it on all night for a whole day and it's still frozen where I left it.

What should I do?

Edited by younggeeza, 11 December 2012 - 01:10 AM.

  • 0

#44
Nedklaw
Posted 12 December 2012 - 05:00 PM

Nedklaw

    Trusted Helper

  • Malware Removal
  • 1,652 posts
Hi. :)
Lets try with a different OTL script:


Step 1

If you have the paid version of Malwarebytes 1.6 or later installed, please disable it for the duration of this run.

To disable MBAM

Open the scanner and select the Protection tab.
Remove the tick from Start protection module with Windows.
Reboot and then run OTL.

Posted Image


Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following: 

    :OTL 
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (anobi22m)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aify6nv9)
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2012/11/18 13:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv

:Commands
[Reboot]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
  • Post the log that appears upon reboot in your next reply.
  • If no log appears upon reboot, the OTL Fix log should be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.
  • Open OTL again and select the "Scan All Users" box.
  • Click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#45
younggeeza
Posted 13 December 2012 - 08:02 AM

younggeeza

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 112 posts
Last time the internet got plugged in i was immediately inundated with the virus symptoms again. However it seemed ok this time. Here are the logs you requested. Thanks for the continued help. Also, I'll be going away for 4-5 days from tomorrow with no access to my pc.

---------------- OTL FIX LOG -----------------------------------------------------------------------------

========== OTL ==========
Error: No service named anobi22m was found to stop!
Service\Driver key anobi22m not found.
Error: No service named aify6nv9 was found to stop!
Service\Driver key aify6nv9 not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\yjpdmegv folder moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 12132012_112813

--------------- OTL QUICK SCAN -----------------------------------------------------------------------------------------------------------------------

OTL logfile created on: 13/12/2012 11:35:02 - Run 18
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 77.47% Memory free
4.84 Gb Paging File | 4.41 Gb Available in Paging File | 91.06% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.93 Gb Total Space | 91.10 Gb Free Space | 39.79% Space Free | Partition Type: NTFS
Drive D: | 3.94 Gb Total Space | 1.06 Gb Free Space | 26.94% Space Free | Partition Type: FAT32
Drive E: | 372.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive M: | 59.74 Gb Total Space | 51.56 Gb Free Space | 86.32% Space Free | Partition Type: FAT32

Computer Name: SILVER-LIGHTNIN | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/22 10:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2012/09/04 09:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/09/04 03:33:28 | 003,038,680 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/22 00:40:11 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
PRC - [2011/07/03 02:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2010/04/01 09:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2008/04/14 00:12:33 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\savedump.exe
PRC - [2008/04/14 00:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/07/29 01:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 00:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/01/30 13:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe
PRC - [2003/09/04 10:45:08 | 000,135,214 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/03 02:01:06 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2009/01/15 07:19:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2007/04/02 12:49:20 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/10/26 23:41:49 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/04 09:21:56 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/09/27 19:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011/09/22 00:40:11 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe -- (N360)
SRV - [2007/11/06 20:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2004/01/30 13:59:40 | 000,204,800 | ---- | M] (PCTEL Inc.) [Auto | Running] -- C:\Program Files\Arcadyan Wireless\pctwpasv.exe -- (PCTWPASV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Safe Returner\RegKernelHelp.sys -- (RegKernelHelp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\el90xbc5.sys -- (EL90XBC)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Nedklaw\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ahwr2yjs)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a9ntvk2m)
DRV - [2012/12/10 13:08:48 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/12/09 08:34:38 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20121209.006\navex15.sys -- (NAVEX15)
DRV - [2012/12/09 08:34:38 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20121209.006\naveng.sys -- (NAVENG)
DRV - [2012/12/04 03:51:40 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/12/04 03:51:40 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/12/02 17:30:54 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20121212.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/22 00:40:13 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\cchpx86.sys -- (ccHP)
DRV - [2011/09/22 00:40:13 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\symtdi.sys -- (SYMTDI)
DRV - [2011/09/22 00:40:13 | 000,089,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\symfw.sys -- (SYMFW)
DRV - [2011/09/22 00:40:13 | 000,036,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\symndis.sys -- (SYMNDIS)
DRV - [2011/09/22 00:40:13 | 000,033,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\symids.sys -- (SYMIDS)
DRV - [2011/09/02 06:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/09/02 06:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/09/02 06:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011/01/04 13:58:05 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/01/20 22:02:23 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\SymEFA.sys -- (SymEFA)
DRV - [2010/01/20 22:02:23 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\srtsp.sys -- (SRTSP)
DRV - [2010/01/20 22:02:23 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\srtspx.sys -- (SRTSPX)
DRV - [2010/01/20 22:02:22 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308030.006\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/20 22:02:05 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/01/20 22:02:05 | 000,036,400 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/04/03 23:08:08 | 000,713,344 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/01/21 07:49:40 | 000,118,656 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/09/26 09:53:00 | 000,079,120 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2008/09/26 09:53:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/09/26 09:52:00 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2008/09/26 09:52:00 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2008/06/06 09:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 07:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 07:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 07:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/13 18:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/06 20:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/01/25 16:24:30 | 001,149,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/09/29 22:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 10:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/07/29 20:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/06/10 18:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm1K.sys -- (USBCM)
DRV - [2004/01/29 22:29:04 | 000,350,282 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCTELSAP.SYS -- (PRISM_A00)
DRV - [2004/01/15 12:15:06 | 000,017,359 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2003/11/13 18:01:52 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003/11/13 18:01:38 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003/11/13 18:01:10 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003/11/13 17:59:18 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003/11/13 17:58:10 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003/11/13 17:57:40 | 000,904,496 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HA10KX2K.SYS -- (ha10kx2k)
DRV - [2003/11/12 20:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTDVDA2K.SYS -- (ctdvda2k)
DRV - [2003/09/19 01:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/09/04 10:38:56 | 000,152,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV532AV.SYS -- (PID_0920)
DRV - [2003/07/18 16:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/10/04 17:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/29 22:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2001/08/17 12:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}


IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}

IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 82 4B 6E 8F 86 CD 01 [binary data]
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{A344D54B-1871-43A7-8EC5-E567C418D4C8}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.soa-clan.info/forum/"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledAddons: [email protected]:0.801
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/05 22:59:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2012/12/13 11:31:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/26 23:41:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/25 17:09:18 | 000,000,000 | ---D | M]

[2009/02/11 17:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2009/02/11 17:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\[email protected]
[2012/10/23 17:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions
[2009/05/03 15:33:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2012/06/27 20:04:08 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/04/03 12:24:58 | 000,004,234 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/10/18 13:26:19 | 000,239,323 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\[email protected]
[2012/07/26 17:01:55 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/13 11:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/26 23:41:50 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/09/04 00:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/10/14 07:39:03 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/10/14 07:39:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/14 07:39:03 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/10/14 07:39:03 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/10/14 07:39:03 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/10/14 07:39:03 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2012/11/20 13:02:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.3.6\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [F5D8055v2] C:\Program Files\Belkin\F5D8055\v2\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [NortonUpdateAgent] C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\_uninst_85013881.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4084055621-2455302966-1550939352-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1293940326812 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1231289923359 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} http://photos.msn.co....cab?10,0,910,0 (DigWebHelper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65F5F5DF-B133-4572-8941-3304DFB16406}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/01 08:35:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | --S- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2008/08/29 18:44:56 | 000,000,130 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/13 11:30:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/12/13 11:27:25 | 000,217,464 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\symtdi.sys
[2012/12/13 11:27:24 | 000,467,592 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\cchpx86.sys
[2012/12/13 11:27:24 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\SymEFA.sys
[2012/12/13 11:27:24 | 000,308,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\srtsp.sys
[2012/12/13 11:27:24 | 000,259,632 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\BHDrvx86.sys
[2012/12/13 11:27:24 | 000,089,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\symfw.sys
[2012/12/13 11:27:24 | 000,048,760 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\symndisv.sys
[2012/12/13 11:27:24 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\srtspx.sys
[2012/12/13 11:27:24 | 000,036,472 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\symndis.sys
[2012/12/13 11:27:24 | 000,033,144 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308030.006\symids.sys
[2012/12/13 11:26:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0308030.006
[2012/12/10 13:08:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Downloaded Installations
[2012/12/10 13:08:47 | 000,217,136 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symtdi.sys
[2012/12/10 13:08:46 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.sys
[2012/12/10 13:08:46 | 000,089,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symfw.sys
[2012/12/10 13:08:46 | 000,048,688 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndisv.sys
[2012/12/10 13:08:46 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.sys
[2012/12/10 13:08:46 | 000,036,400 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symndis.sys
[2012/12/10 13:08:46 | 000,033,072 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\symids.sys
[2012/12/10 13:08:45 | 000,482,432 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\cchpx86.sys
[2012/12/10 13:08:45 | 000,308,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.sys
[2012/12/10 13:08:45 | 000,259,632 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.sys
[2012/12/10 13:08:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0308000.029
[2012/11/25 10:39:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/11/20 12:47:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/11/20 12:47:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/11/20 12:47:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/11/20 12:47:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/11/20 12:44:37 | 005,004,421 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\Nedklaw.exe
[2012/11/18 14:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/11/18 14:10:45 | 000,036,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2012/11/18 14:10:39 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/11/18 14:10:39 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/11/18 14:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/11/18 14:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/11/18 14:09:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2012/11/18 14:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2012/11/18 14:09:50 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/11/18 14:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2012/11/18 14:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
[2012/11/18 14:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2012/11/18 14:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/11/18 14:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/11/18 14:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2012/11/18 14:00:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/18 13:59:59 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/11/18 13:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/11/18 11:40:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Compaq_Owner\IECompatCache
[2012/11/18 09:13:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Symantec

========== Files - Modified Within 30 Days ==========

[2012/12/13 11:38:09 | 000,001,940 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/12/13 11:34:14 | 000,511,978 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/12/13 11:34:14 | 000,091,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/12/13 11:31:45 | 000,724,218 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\Cat.DB
[2012/12/13 11:30:28 | 000,206,530 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/12/13 11:30:18 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2012/12/13 11:30:05 | 000,001,897 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/12/13 11:30:04 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/13 11:29:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/12/13 11:29:53 | 3220,557,824 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/13 11:26:49 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\isolate.ini
[2012/12/13 11:14:25 | 000,724,218 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2012/12/10 13:08:48 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/12/10 13:08:48 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/12/10 13:08:48 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/12/10 13:08:48 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/12/10 13:08:15 | 000,009,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\symnetv.cat
[2012/12/10 13:08:15 | 000,009,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2012/12/10 13:08:15 | 000,001,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\SymNetV.inf
[2012/12/10 13:08:15 | 000,001,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2012/12/10 13:08:15 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2012/11/26 18:15:00 | 000,116,257 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.htm
[2012/11/26 18:15:00 | 000,042,622 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.xml
[2012/11/25 10:41:47 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\_uninst_85013881.lnk
[2012/11/25 10:31:44 | 145,382,264 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\setup_11.0.0.1245.x01_2012_11_25_13_38.exe
[2012/11/20 13:02:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/11/20 12:44:02 | 005,004,421 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\Nedklaw.exe
[2012/11/18 14:00:00 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/18 09:14:00 | 000,000,282 | RHS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2012/12/13 11:31:27 | 000,724,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\Cat.DB
[2012/12/13 11:27:25 | 000,009,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\symnetv.cat
[2012/12/13 11:27:25 | 000,001,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\SymNetV.inf
[2012/12/13 11:27:25 | 000,001,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\SymNet.inf
[2012/12/13 11:27:24 | 000,009,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\SymNet.cat
[2012/12/13 11:27:24 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\ccHPx86.cat
[2012/12/13 11:27:24 | 000,007,431 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\SymEFA.cat
[2012/12/13 11:27:24 | 000,007,429 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\srtspx.cat
[2012/12/13 11:27:24 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\srtsp.cat
[2012/12/13 11:27:24 | 000,007,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\bhdrvx86.cat
[2012/12/13 11:27:24 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\SymEFA.inf
[2012/12/13 11:27:24 | 000,001,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\ccHPx86.inf
[2012/12/13 11:27:24 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\srtspx.inf
[2012/12/13 11:27:24 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\srtsp.inf
[2012/12/13 11:27:24 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\BHDrvx86.inf
[2012/12/13 11:26:49 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308030.006\isolate.ini
[2012/12/13 11:14:09 | 000,724,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\Cat.DB
[2012/12/10 13:08:47 | 000,009,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.cat
[2012/12/10 13:08:47 | 000,001,561 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNet.inf
[2012/12/10 13:08:46 | 000,007,431 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.cat
[2012/12/10 13:08:46 | 000,007,429 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.cat
[2012/12/10 13:08:46 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymEFA.inf
[2012/12/10 13:08:46 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtspx.inf
[2012/12/10 13:08:45 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.cat
[2012/12/10 13:08:45 | 000,007,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.CAT
[2012/12/10 13:08:45 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.cat
[2012/12/10 13:08:45 | 000,001,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\ccHPx86.inf
[2012/12/10 13:08:45 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\srtsp.inf
[2012/12/10 13:08:45 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\BHDrvx86.inf
[2012/12/10 13:08:15 | 000,009,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\symnetv.cat
[2012/12/10 13:08:15 | 000,001,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\SymNetV.inf
[2012/12/10 13:08:15 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0308000.029\isolate.ini
[2012/12/04 18:13:13 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/12/04 18:08:08 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/11/26 18:29:27 | 000,116,257 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.htm
[2012/11/26 18:29:27 | 000,042,622 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\avz_sysinfo.xml
[2012/11/25 10:41:46 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\_uninst_85013881.lnk
[2012/11/25 10:40:15 | 145,382,264 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\setup_11.0.0.1245.x01_2012_11_25_13_38.exe
[2012/11/20 12:47:27 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/11/20 12:47:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/11/20 12:47:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/11/20 12:47:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/11/20 12:47:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/11/18 14:10:39 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/11/18 14:10:39 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/11/18 14:10:33 | 000,001,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/11/18 14:00:00 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/22 19:39:59 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_cl_runescape_LIVE.dat
[2012/07/06 00:47:14 | 000,000,976 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/09/15 02:25:52 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/08/26 17:43:55 | 000,000,259 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Gangsters2Setup.lnk
[2011/01/02 06:13:06 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/01/02 05:31:25 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/01/02 05:31:22 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/01/02 05:31:22 | 000,005,116 | ---- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/01/02 05:31:22 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\RT2870.bin
[2010/12/31 11:33:13 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/12/31 06:57:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/12/31 04:18:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/12/31 04:14:52 | 000,014,658 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Hp.ini
[2010/12/31 04:14:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/12/27 01:18:55 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/27 01:18:42 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/27 01:18:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/23 23:37:55 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/09/07 05:18:13 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\setup_ldm.iss
[2009/06/05 04:29:51 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\jagex_runescape_preferences.dat
[2009/01/17 08:23:28 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/13 12:44:01 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\PnkBstrK.sys
[2009/01/06 22:08:55 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/01/01 08:53:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/11/01 20:35:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 12:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 00:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Intervideo
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2009/09/09 16:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\BitTorrent
[2009/06/15 14:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools
[2009/06/15 14:49:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Lite
[2009/06/15 14:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\DAEMON Tools Pro
[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Intervideo
[2010/07/02 14:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Nokia
[2010/07/02 14:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\PC Suite
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\SampleView
[2011/07/17 12:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\Sports Interactive
[2009/03/29 14:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\The Creative Assembly
[2012/08/30 09:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alex\Application Data\USMA
[2012/04/02 03:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/01/04 13:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/09/09 16:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2009/01/07 00:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/02 00:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2009/03/14 17:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/02 14:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/11/18 14:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2012/10/28 14:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/12/19 18:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SafeReturner
[2011/01/04 14:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sports Interactive
[2009/01/10 06:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009/01/07 00:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/12/10 13:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/07/08 03:03:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2009/01/07 16:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
[2011/01/04 14:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Lite
[2009/01/07 16:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools Pro
[2012/07/23 18:18:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DDMSettings
[2009/06/24 23:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DMCache
[2011/01/02 05:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2009/01/08 01:07:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/04/23 20:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2011/07/03 11:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolClient
[2012/06/27 13:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LolMatches Client
[2009/01/07 00:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2009/01/07 00:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2012/09/04 13:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\QuickScan
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2012/04/04 16:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SoftChalk
[2011/04/16 18:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sports Interactive
[2009/06/25 18:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TeamViewer
[2009/03/23 17:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\The Creative Assembly
[2011/08/21 09:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TS3Client
[2009/01/10 06:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Ubisoft
[2012/08/28 22:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\USMA
[2004/01/02 00:20:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/02 00:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView

========== Purity Check ==========



< End of report >

------------ MALWAREBYTES QUICK SCAN ---------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.12.13.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Compaq_Owner :: SILVER-LIGHTNIN [administrator]

Protection: Enabled

13/12/2012 11:55:46
mbam-log-2012-12-13 (11-55-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248401
Time elapsed: 8 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

----------------- ESET ONLINE SCANNER LOG -------------------------------------------------------------------------------------------------------

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=fe89244ca20cf54f94e277605c3e9fe7
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-13 01:56:10
# local_time=2012-12-13 01:56:10 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=771 16777214 83 1 22069372 22069372 0 0
# compatibility_mode=1026 16777214 0 4 61876552 103526555 0 0
# compatibility_mode=3589 16777213 100 100 8927 91385646 0 0
# scanned=132136
# found=2
# cleaned=2
# scan_time=6394
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\r774xhi2.default\user.js JS/SecurityDisabler.A.Gen application (cleaned by deleting - quarantined) C5DB8386C3A901DD6D4FB8B66685B889FA1099F9 C
C:\Documents and Settings\Compaq_Owner\Desktop\cbsidlm-tr1_7-Combofix-ORG2-75221073.exe Win32/DownloadAdmin.D application (cleaned by deleting - quarantined) 47EF53486FF826F192DBE1C2912D20FF41407159 C
  • 0
Back to Can't Run Any Antivirus or Malware Removal Programs · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Can't Run Any Antivirus or Malware Removal Programs

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP