Phoned in virus [Solved]


  • This topic is locked

#1
sidhedraoi

  • Member
  • 72 posts
So I go downstairs to do laundry, my son answers the phone and now I think I have a virus...
The people calling told my son that they were from Windows and that my internal security shield was corrupt..
I know that you don't like uTorrent, and that I have it. They had him use TeamViewer and took remote access on him...after running a cmd tree they told him this (on my notepad). I still have the cmd prompt window open.

Internal Security Shield + Software Warranty + Unlimited Technical Support

3 Years 299
5 Years 349
Lifetime 498*

*Multiple Computers

Here is OTL log.....
OTL logfile created on: 2013-08-23 3:27:49 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

9.45 Gb Total Physical Memory | 6.95 Gb Available Physical Memory | 73.53% Memory free
10.82 Gb Paging File | 7.97 Gb Available in Paging File | 73.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 907.70 Gb Total Space | 854.03 Gb Free Space | 94.09% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 419.20 Gb Free Space | 45.00% Space Free | Partition Type: NTFS
Drive G: | 7.49 Gb Total Space | 7.22 Gb Free Space | 96.43% Space Free | Partition Type: FAT32

Computer Name: LIVINGROOM | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-08-15 23:21:43 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-05-30 18:04:26 | 000,162,816 | ---- | M] () -- C:\Users\Home\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
PRC - [2013-05-29 09:57:11 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013-05-09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-04-25 08:40:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
PRC - [2013-02-12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012-09-20 01:55:29 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2012-07-05 21:50:26 | 000,553,616 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
PRC - [2011-11-25 19:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010-02-04 06:10:51 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe
PRC - [2010-02-04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe


========== Modules (No Company Name) ==========

MOD - [2013-08-15 23:21:41 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppgooglenaclpluginchrome.dll
MOD - [2013-08-15 23:21:40 | 013,594,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
MOD - [2013-08-15 23:21:39 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
MOD - [2013-08-15 23:20:49 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libglesv2.dll
MOD - [2013-08-15 23:20:48 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libegl.dll
MOD - [2013-08-15 23:20:46 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ffmpegsumo.dll
MOD - [2013-05-30 18:04:26 | 000,162,816 | ---- | M] () -- C:\Users\Home\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
MOD - [2013-02-12 22:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013-02-12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010-02-04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
MOD - [2010-02-04 05:52:35 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
MOD - [2010-02-04 05:52:27 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
MOD - [2010-02-04 05:52:26 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudrs.dll
MOD - [2010-02-04 05:51:18 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\iptk.dll
MOD - [2010-02-04 05:36:06 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
MOD - [2010-02-04 05:35:59 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
MOD - [2009-10-16 11:53:35 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducats.dll
MOD - [2007-09-06 06:11:34 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduptp.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013-07-01 20:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-06-01 05:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-05-09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-05-04 02:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-05-04 02:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013-04-09 00:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013-03-01 22:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-03-01 22:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-01-09 19:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013-01-09 19:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012-09-20 05:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012-09-20 02:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012-08-23 00:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012-07-25 23:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012-07-25 23:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012-07-25 23:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012-07-25 23:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012-07-25 23:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012-07-25 23:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012-07-25 23:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012-07-25 23:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012-07-25 23:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012-07-25 23:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012-07-25 23:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012-07-25 23:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012-07-05 02:03:48 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-07-04 10:17:26 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-10-16 15:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV:64bit: - [2009-10-16 12:06:39 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV - [2012-07-25 23:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012-07-25 23:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012-07-13 05:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011-11-25 19:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-10-12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009-10-16 15:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2009-10-16 12:06:30 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-07-01 20:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-07-01 18:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-06-27 16:45:19 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-06-27 16:45:19 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-06-27 16:45:19 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-06-01 07:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013-06-01 07:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013-06-01 07:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013-05-31 23:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-05-09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-05-09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-05-09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-05-09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-05-09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-05-09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013-05-04 03:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013-05-04 03:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013-03-02 06:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-03-02 06:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-03-02 06:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-01-09 21:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012-11-26 23:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012-11-20 00:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012-11-05 23:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012-10-12 04:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-10-11 03:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012-10-11 03:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012-09-20 03:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012-09-20 03:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012-09-20 03:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012-07-26 01:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-07-26 01:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012-07-26 01:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012-07-26 01:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012-07-26 01:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012-07-26 01:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012-07-26 01:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012-07-26 01:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012-07-26 01:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012-07-26 01:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012-07-26 01:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012-07-26 01:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012-07-26 01:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012-07-26 01:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012-07-26 01:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012-07-26 01:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-07-26 01:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-07-26 00:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012-07-26 00:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012-07-26 00:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012-07-25 23:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012-07-25 22:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012-07-25 22:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012-07-25 22:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012-07-25 22:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012-07-25 22:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012-07-25 22:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012-07-25 22:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012-07-25 22:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012-07-25 22:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012-07-25 22:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012-07-25 22:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012-07-25 22:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012-07-25 22:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012-07-25 22:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-07-25 22:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012-07-25 22:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012-07-25 22:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-07-25 22:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012-07-25 22:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012-07-25 22:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012-07-25 22:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012-07-04 23:18:06 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012-07-04 11:23:40 | 010,267,648 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-07-04 09:19:28 | 000,368,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-07-02 22:49:06 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-06-21 01:12:20 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012-06-18 17:25:22 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-06-11 21:33:38 | 000,016,552 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2012-06-11 09:25:16 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012-06-11 09:25:14 | 000,079,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012-05-23 08:15:04 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {AC993839-B56E-4F83-9A25-61CF87C754D4}
IE:64bit: - HKLM\..\SearchScopes\{AC993839-B56E-4F83-9A25-61CF87C754D4}: "URL" = http://www.bing.com/...E10TR&pc=MAGWJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AC993839-B56E-4F83-9A25-61CF87C754D4}
IE - HKLM\..\SearchScopes\{AC993839-B56E-4F83-9A25-61CF87C754D4}: "URL" = http://www.bing.com/...E10TR&pc=MAGWJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {08F12D45-272C-46AF-9DC9-2F249DCA5F84}
IE - HKCU\..\SearchScopes\{08F12D45-272C-46AF-9DC9-2F249DCA5F84}: "URL" = http://search.condui...7158261327&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 65.112.230.227:8080


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-13 10:55:48 | 000,000,000 | ---D | M]

[2013-05-03 12:21:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions
[2013-05-03 12:21:47 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}

========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...=CT3286042&UM=2
CHR - default_search_provider: suggest_url = http://suggest.searc...0871879090&UM=2
CHR - homepage: https://www.google.ca/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - Extension: Media Hint = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja\0.1.13_0\
CHR - Extension: Google Docs = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet Service = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Gmail = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-07-26 01:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (KeyBar 1.8 Toolbar) - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (KeyBar 1.8 Toolbar) - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.8 Toolbar) - {9ED31F84-C8B3-4926-B950-DFF74047FF79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [lxdumon.exe] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCPrt] C:\Program Files (x86)\Cisco Systems\Cisco Connect\CCPrt.exe (Cisco Consumer Products LLC)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.191.115.242
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27FC8D35-5612-4D37-A384-984C1C83AE44}: DhcpNameServer = 10.191.115.242
O18:64bit: - Protocol\Handler\intu-tt2012 - No CLSID value found
O18 - Protocol\Handler\intu-tt2012 {02F985EF-502B-4597-993F-6BF9E004C138} - C:\Program Files (x86)\TurboTax 2012\ic2012pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-05-29 16:04:14 | 000,000,000 | R--D | M] - D:\autorun -- [ NTFS ]
O33 - MountPoints2\{81efef78-0520-11e3-bea1-f80f416f1e9f}\Shell - "" = AutoRun
O33 - MountPoints2\{81efef78-0520-11e3-bea1-f80f416f1e9f}\Shell\AutoRun\command - "" = "H:\HTC_Sync_Manager_PC.exe"
O33 - MountPoints2\{fe8f96a4-da67-11e2-be8e-f80f416f1e9f}\Shell - "" = AutoRun
O33 - MountPoints2\{fe8f96a4-da67-11e2-be8e-f80f416f1e9f}\Shell\AutoRun\command - "" = "H:\OpenSecureFiles.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-08-23 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2013-08-19 13:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2013-08-19 13:51:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\MTG Studio
[2013-08-19 12:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Card Vault
[2013-08-19 12:50:17 | 000,000,000 | ---D | C] -- C:\CardVault
[2013-08-19 08:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyBar_1.8
[2013-07-26 15:15:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

========== Files - Modified Within 30 Days ==========

[2013-08-23 15:26:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-08-23 15:26:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-08-23 14:22:28 | 000,000,017 | ---- | M] () -- C:\Users\Home\AppData\Local\resmon.resmoncfg
[2013-08-22 08:55:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-08-22 02:52:29 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-08-22 02:52:29 | 000,722,260 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-08-22 02:52:29 | 000,136,434 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-08-22 02:48:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013-08-22 02:48:00 | 3819,675,647 | -HS- | M] () -- C:\hiberfil.sys
[2013-08-22 01:28:52 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-08-19 08:59:02 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2013-08-19 08:41:42 | 000,000,009 | ---- | M] () -- C:\END

========== Files Created - No Company Name ==========

[2013-08-23 14:22:28 | 000,000,017 | ---- | C] () -- C:\Users\Home\AppData\Local\resmon.resmoncfg
[2013-08-19 08:41:42 | 000,000,009 | ---- | C] () -- C:\END
[2013-07-26 20:15:10 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013-06-17 12:14:28 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll
[2013-06-17 12:14:28 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll
[2013-06-17 12:14:27 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll
[2013-06-17 12:14:27 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll
[2013-06-17 12:14:27 | 000,761,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll
[2013-06-17 12:14:27 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll
[2013-06-17 12:14:27 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll
[2013-06-17 12:14:27 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe
[2013-06-17 12:14:27 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll
[2013-06-17 12:14:27 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll
[2013-06-17 12:14:27 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll
[2013-06-17 12:14:27 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe
[2013-06-17 12:14:27 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll
[2013-06-17 12:14:27 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe
[2013-06-13 21:14:10 | 000,026,112 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-04-30 12:46:08 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Legacy
[2013-04-30 12:46:07 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013-04-30 12:46:07 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Master
[2013-04-30 12:45:30 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Libraries
[2013-04-30 12:45:30 | 000,000,268 | RH-- | C] () -- C:\ProgramData\LaunchAgents
[2013-04-30 12:45:30 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013-04-30 12:45:30 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013-04-30 12:45:30 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Metadata Importer
[2013-04-30 12:37:06 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2013-04-30 12:37:06 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Pipe Organ
[2013-04-30 12:37:06 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Mail
[2013-04-24 18:21:44 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013-04-24 17:19:03 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2013-04-24 17:19:03 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2013-04-24 17:19:03 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2012-08-27 01:39:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-08-10 06:03:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-08-10 06:03:39 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-08-10 06:03:38 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012-07-26 04:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012-07-26 04:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012-07-26 03:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012-07-25 21:59:23 | 000,021,507 | ---- | C] () -- C:\Windows\SysWow64\cks3w2k.dll
[2012-07-25 21:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012-07-25 16:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012-07-25 16:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012-06-02 10:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-03-06 02:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-03-06 01:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-25 23:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-25 23:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-25 23:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-08-19 13:57:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\MTG Studio
[2013-05-01 14:04:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Nikon
[2013-04-28 11:36:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Sony
[2013-08-23 14:16:17 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2013-08-23 15:30:09 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Firstly, this is a scam. Do not buy anything or pass on any data. Reboot your computer off and do not let them access it.

I will look at your logs and be back soon

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
As it stands at the moment they do not appear to have placed anything on your computer, but I would like to confirm that.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKLM\..\URLSearchHook: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {08F12D45-272C-46AF-9DC9-2F249DCA5F84}
IE - HKCU\..\SearchScopes\{08F12D45-272C-46AF-9DC9-2F249DCA5F84}: "URL" = http://search.condui...7158261327&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 65.112.230.227:8080
O2 - BHO: (KeyBar 1.8 Toolbar) - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (KeyBar 1.8 Toolbar) - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.8 Toolbar) - {9ED31F84-C8B3-4926-B950-DFF74047FF79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
[2013-08-23 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2013-08-19 12:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Card Vault
[2013-08-19 12:50:17 | 000,000,000 | ---D | C] -- C:\CardVault
[2013-08-19 08:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyBar_1.8

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download Dr.Web CureIt.
  • Double-click the drweb-cureit.exe file to open it.
  • A window will open offering a choice of EPM or Standard Mode.
  • Choose EPM.
  • A license and updates window will appear. If necessary update, otherwise check the box "I agree to participate..." and click Continue
  • You will not be able to use your computer until the scan is finished. It generally takes only a short time say... around 15/20 mins.
  • Dr Web will scan your computer. When finished a report is saved to C:\users\....\Doctor Web named cureit.log. Copy and paste the contents back here.


#4
sidhedraoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
First, Essexboy, thank you for your quick response (was worried about doing anything as I didn't know what my son or they had done).
Here is OTL after fix was run...
OTL logfile created on: 2013-08-23 4:21:23 PM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

9.45 Gb Total Physical Memory | 7.58 Gb Available Physical Memory | 80.24% Memory free
10.82 Gb Paging File | 8.62 Gb Available in Paging File | 79.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 907.70 Gb Total Space | 854.03 Gb Free Space | 94.09% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 419.19 Gb Free Space | 45.00% Space Free | Partition Type: NTFS
Drive G: | 7.49 Gb Total Space | 7.22 Gb Free Space | 96.43% Space Free | Partition Type: FAT32

Computer Name: LIVINGROOM | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-08-15 23:21:43 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-05-30 18:04:26 | 000,162,816 | ---- | M] () -- C:\Users\Home\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
PRC - [2013-05-29 09:57:11 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013-05-09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-04-25 08:40:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
PRC - [2013-02-12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012-07-05 21:50:26 | 000,553,616 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
PRC - [2012-07-05 03:24:22 | 000,642,728 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
PRC - [2011-11-25 19:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010-02-04 06:10:51 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe
PRC - [2010-02-04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe


========== Modules (No Company Name) ==========

MOD - [2013-08-15 23:21:41 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppgooglenaclpluginchrome.dll
MOD - [2013-08-15 23:21:39 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
MOD - [2013-08-15 23:20:49 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libglesv2.dll
MOD - [2013-08-15 23:20:48 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libegl.dll
MOD - [2013-08-15 23:20:46 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ffmpegsumo.dll
MOD - [2013-05-30 18:04:26 | 000,162,816 | ---- | M] () -- C:\Users\Home\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
MOD - [2013-02-12 22:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013-02-12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010-02-04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
MOD - [2010-02-04 05:52:35 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
MOD - [2010-02-04 05:52:27 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
MOD - [2010-02-04 05:52:26 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudrs.dll
MOD - [2010-02-04 05:51:18 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\iptk.dll
MOD - [2010-02-04 05:36:06 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
MOD - [2010-02-04 05:35:59 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
MOD - [2009-10-16 11:53:35 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducats.dll
MOD - [2007-09-06 06:11:34 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduptp.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013-07-01 20:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013-06-01 05:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-05-09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-05-04 02:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-05-04 02:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013-04-09 00:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013-03-01 22:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-03-01 22:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-01-09 19:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013-01-09 19:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012-09-20 05:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012-09-20 02:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012-08-23 00:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012-07-25 23:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012-07-25 23:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012-07-25 23:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012-07-25 23:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012-07-25 23:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012-07-25 23:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012-07-25 23:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012-07-25 23:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012-07-25 23:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012-07-25 23:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012-07-25 23:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012-07-25 23:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012-07-25 20:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012-07-05 02:03:48 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-07-04 10:17:26 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-10-16 15:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV:64bit: - [2009-10-16 12:06:39 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV - [2012-07-25 23:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012-07-25 23:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012-07-13 05:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011-11-25 19:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-10-12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009-10-16 15:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2009-10-16 12:06:30 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-07-01 20:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013-07-01 18:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013-06-27 16:45:19 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-06-27 16:45:19 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-06-27 16:45:19 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-06-01 07:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013-06-01 07:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013-06-01 07:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013-05-31 23:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-05-09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-05-09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-05-09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-05-09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-05-09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-05-09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013-05-04 03:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013-05-04 03:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013-03-02 06:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-03-02 06:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-03-02 06:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-01-09 21:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012-11-26 23:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012-11-20 00:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012-11-05 23:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012-10-12 04:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-10-11 03:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012-10-11 03:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012-09-20 03:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012-09-20 03:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012-09-20 03:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012-07-26 01:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-07-26 01:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012-07-26 01:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012-07-26 01:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012-07-26 01:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012-07-26 01:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012-07-26 01:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012-07-26 01:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012-07-26 01:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012-07-26 01:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012-07-26 01:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012-07-26 01:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012-07-26 01:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012-07-26 01:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012-07-26 01:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012-07-26 01:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-07-26 01:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-07-26 00:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012-07-26 00:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012-07-26 00:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012-07-25 23:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012-07-25 22:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012-07-25 22:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012-07-25 22:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012-07-25 22:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012-07-25 22:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012-07-25 22:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012-07-25 22:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012-07-25 22:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012-07-25 22:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012-07-25 22:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012-07-25 22:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012-07-25 22:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012-07-25 22:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012-07-25 22:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-07-25 22:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012-07-25 22:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012-07-25 22:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-07-25 22:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012-07-25 22:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012-07-25 22:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012-07-25 22:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012-07-04 23:18:06 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012-07-04 11:23:40 | 010,267,648 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-07-04 09:19:28 | 000,368,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-07-02 22:49:06 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-06-21 01:12:20 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012-06-18 17:25:22 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-06-11 21:33:38 | 000,016,552 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2012-06-11 09:25:16 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012-06-11 09:25:14 | 000,079,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012-05-23 08:15:04 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {AC993839-B56E-4F83-9A25-61CF87C754D4}
IE:64bit: - HKLM\..\SearchScopes\{AC993839-B56E-4F83-9A25-61CF87C754D4}: "URL" = http://www.bing.com/...E10TR&pc=MAGWJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AC993839-B56E-4F83-9A25-61CF87C754D4}
IE - HKLM\..\SearchScopes\{AC993839-B56E-4F83-9A25-61CF87C754D4}: "URL" = http://www.bing.com/...E10TR&pc=MAGWJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {08F12D45-272C-46AF-9DC9-2F249DCA5F84}
IE - HKCU\..\SearchScopes\{08F12D45-272C-46AF-9DC9-2F249DCA5F84}: "URL" = http://search.condui...7158261327&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 65.112.230.227:8080


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-13 10:55:48 | 000,000,000 | ---D | M]

[2013-05-03 12:21:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions
[2013-05-03 12:21:47 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}

========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...=CT3286042&UM=2
CHR - default_search_provider: suggest_url = http://suggest.searc...0871879090&UM=2
CHR - homepage: https://www.google.ca/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - Extension: Media Hint = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja\0.1.13_0\
CHR - Extension: Google Docs = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet Service = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Gmail = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-07-26 01:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (KeyBar 1.8 Toolbar) - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (KeyBar 1.8 Toolbar) - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 1.8 Toolbar) - {9ED31F84-C8B3-4926-B950-DFF74047FF79} - C:\Program Files (x86)\KeyBar_1.8\prxtbKeyB.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [lxdumon.exe] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCPrt] C:\Program Files (x86)\Cisco Systems\Cisco Connect\CCPrt.exe (Cisco Consumer Products LLC)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.191.115.242
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27FC8D35-5612-4D37-A384-984C1C83AE44}: DhcpNameServer = 10.191.115.242
O18:64bit: - Protocol\Handler\intu-tt2012 - No CLSID value found
O18 - Protocol\Handler\intu-tt2012 {02F985EF-502B-4597-993F-6BF9E004C138} - C:\Program Files (x86)\TurboTax 2012\ic2012pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-05-29 16:04:14 | 000,000,000 | R--D | M] - D:\autorun -- [ NTFS ]
O33 - MountPoints2\{81efef78-0520-11e3-bea1-f80f416f1e9f}\Shell - "" = AutoRun
O33 - MountPoints2\{81efef78-0520-11e3-bea1-f80f416f1e9f}\Shell\AutoRun\command - "" = "H:\HTC_Sync_Manager_PC.exe"
O33 - MountPoints2\{fe8f96a4-da67-11e2-be8e-f80f416f1e9f}\Shell - "" = AutoRun
O33 - MountPoints2\{fe8f96a4-da67-11e2-be8e-f80f416f1e9f}\Shell\AutoRun\command - "" = "H:\OpenSecureFiles.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-08-23 16:18:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-08-23 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2013-08-19 13:51:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2013-08-19 13:51:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\MTG Studio
[2013-08-19 12:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Card Vault
[2013-08-19 12:50:17 | 000,000,000 | ---D | C] -- C:\CardVault
[2013-08-19 08:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyBar_1.8
[2013-07-26 15:15:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

========== Files - Modified Within 30 Days ==========

[2013-08-23 16:19:50 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-08-23 15:26:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-08-23 14:22:28 | 000,000,017 | ---- | M] () -- C:\Users\Home\AppData\Local\resmon.resmoncfg
[2013-08-22 08:55:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-08-22 02:52:29 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-08-22 02:52:29 | 000,722,260 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-08-22 02:52:29 | 000,136,434 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-08-22 02:48:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013-08-22 02:48:00 | 3819,675,647 | -HS- | M] () -- C:\hiberfil.sys
[2013-08-22 01:28:52 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-08-19 08:59:02 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2013-08-19 08:41:42 | 000,000,009 | ---- | M] () -- C:\END

========== Files Created - No Company Name ==========

[2013-08-23 14:22:28 | 000,000,017 | ---- | C] () -- C:\Users\Home\AppData\Local\resmon.resmoncfg
[2013-08-19 08:41:42 | 000,000,009 | ---- | C] () -- C:\END
[2013-07-26 20:15:10 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013-06-17 12:14:28 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll
[2013-06-17 12:14:28 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll
[2013-06-17 12:14:27 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll
[2013-06-17 12:14:27 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll
[2013-06-17 12:14:27 | 000,761,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll
[2013-06-17 12:14:27 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll
[2013-06-17 12:14:27 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll
[2013-06-17 12:14:27 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe
[2013-06-17 12:14:27 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll
[2013-06-17 12:14:27 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll
[2013-06-17 12:14:27 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll
[2013-06-17 12:14:27 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe
[2013-06-17 12:14:27 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll
[2013-06-17 12:14:27 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe
[2013-06-13 21:14:10 | 000,026,112 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-04-30 12:46:08 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Legacy
[2013-04-30 12:46:07 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013-04-30 12:46:07 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Master
[2013-04-30 12:45:30 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Libraries
[2013-04-30 12:45:30 | 000,000,268 | RH-- | C] () -- C:\ProgramData\LaunchAgents
[2013-04-30 12:45:30 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013-04-30 12:45:30 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013-04-30 12:45:30 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Metadata Importer
[2013-04-30 12:37:06 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2013-04-30 12:37:06 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Pipe Organ
[2013-04-30 12:37:06 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Mail
[2013-04-24 18:21:44 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013-04-24 17:19:03 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2013-04-24 17:19:03 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2013-04-24 17:19:03 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2012-08-27 01:39:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-08-10 06:03:39 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-08-10 06:03:39 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-08-10 06:03:38 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012-07-26 04:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012-07-26 04:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012-07-26 03:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012-07-25 21:59:23 | 000,021,507 | ---- | C] () -- C:\Windows\SysWow64\cks3w2k.dll
[2012-07-25 21:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012-07-25 16:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012-07-25 16:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012-06-02 10:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-03-06 02:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-03-06 01:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-25 23:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-25 23:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-25 23:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-08-19 13:57:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\MTG Studio
[2013-05-01 14:04:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Nikon
[2013-04-28 11:36:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Sony
[2013-08-23 14:16:17 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2013-08-23 16:22:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

#5
Essexboy

Here is some further information on the scam that they tried on you: http://www.microsoft...hone-scams.aspx

As I say, I could not see anything that they inserted on your computer apart from TeamViewer, but Dr.Web CureIt is very thorough and should locate anything they may have dropped.

#6
sidhedraoi

And Dr.Web says:

part 1)
=============================================================================
Dr.Web Scanner SE for Windows v8.2.0.07100
© Doctor Web, Ltd., 1992-2013
Scan session started 2013/08/23 16:29:20
Module location : C:\Users\Home\AppData\Local\Temp\A9650260-3A2E3B57-DE0FB9DF-AEE1BE\
=============================================================================
OPTION [Automatic Apply Actions] NO
OPTION [Turn Off Computer After Scan] NO
OPTION [Use Sound Alerts] NO
OPTION [Block Network] NO
OPTION [Protect Process] NO
OPTION [Protect Raw Disk] NO
Using language: "English"
Available instances: 12
Instances used: 12
Platform: Windows 8 Starter x64/WOW (Build 9200)
API Version: 2.2
Scanning Engine version: 8.1.0.7100
Virus Finding Engine version: 7.0.5.6250
Total 131 virus bases are loaded from C:\Users\Home\AppData\Local\Temp\A9650260-3A2E3B57-DE0FB9DF-AEE1BE
Total records count: 4415390
Anti-rootkit module version ( ver: 8.4.201307180, api: 5.01/5.01 )

Using C:\Users\Home\AppData\Local\Temp\A9650260-3A2E3B57-DE0FB9DF-AEE1BE\sta3ssqk.key as Dr.Web ® Key file
This Dr.Web ® Key is for 1 computer (A User)

#7
sidhedraoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
part 2)
-----------------------------------------------------------------------------
Start scanning
-----------------------------------------------------------------------------
Command line used:-rpcep:\pipe\6288643CB8 -rpcpr:np

Object(s) to scan:
- Scan processes in memory
- Scan boot sectors
- Scanning for rootkits
- C:\BOOTNXT
- C:\END
- C:\hiberfil.sys
- C:\pagefile.sys
- C:\Recovery.txt
- C:\swapfile.sys
- C:\WindowsHvc_____.pfb
- C:\Windows\system32\
- C:\Windows\SysWOW64\
- C:\Users\Home\Documents\
- C:\Windows\TEMP\
- C:\Users\Home\AppData\Local\Temp\

c:\windows\system32\ntoskrnl.exe - Ok
c:\windows\system32\hal.dll - Ok
c:\windows\system32\kd.dll - Ok
c:\windows\system32\mcupdate_authenticamd.dll - Ok
c:\windows\system32\drivers\clfs.sys - Ok
c:\windows\system32\drivers\tm.sys - Ok
c:\windows\system32\pshed.dll - Ok
c:\windows\system32\bootvid.dll - Ok
c:\windows\system32\ci.dll - Ok
c:\windows\system32\drivers\msrpc.sys - Ok
c:\windows\system32\drivers\wdf01000.sys - Ok
c:\windows\system32\drivers\wdfldr.sys - Ok
c:\windows\system32\drivers\acpiex.sys - Ok
c:\windows\system32\drivers\wpprecorder.sys - Ok
c:\windows\system32\drivers\acpi.sys - Ok
c:\windows\system32\drivers\wmilib.sys - Ok
c:\windows\system32\drivers\cng.sys - Ok
c:\windows\system32\drivers\msisadrv.sys - Ok
c:\windows\system32\drivers\pci.sys - Ok
c:\windows\system32\drivers\vdrvroot.sys - Ok
c:\windows\system32\drivers\pdc.sys - Ok
c:\windows\system32\drivers\partmgr.sys - Ok
c:\windows\system32\drivers\spaceport.sys - Ok
c:\windows\system32\drivers\volmgr.sys - Ok
c:\windows\system32\drivers\volmgrx.sys - Ok
c:\windows\system32\drivers\pciide.sys - Ok
c:\windows\system32\drivers\pciidex.sys - Ok
c:\windows\system32\drivers\mountmgr.sys - Ok
c:\windows\system32\drivers\atapi.sys - Ok
c:\windows\system32\drivers\ataport.sys - Ok
c:\windows\system32\drivers\amd_sata.sys - Ok
c:\windows\system32\drivers\storport.sys - Ok
c:\windows\system32\drivers\amd_xata.sys - Ok
c:\windows\system32\drivers\fltmgr.sys - Ok
c:\windows\system32\drivers\fileinfo.sys - Ok
c:\windows\system32\drivers\ntfs.sys - Ok
c:\windows\system32\drivers\ksecdd.sys - Ok
c:\windows\system32\drivers\pcw.sys - Ok
c:\windows\system32\drivers\aswkbd.sys - Ok
c:\windows\system32\drivers\fs_rec.sys - Ok
c:\windows\system32\drivers\ndis.sys - Ok
c:\windows\system32\drivers\netio.sys - Ok
c:\windows\system32\drivers\ksecpkg.sys - Ok
c:\windows\system32\drivers\tcpip.sys - Ok
c:\windows\system32\drivers\fwpkclnt.sys - Ok
c:\windows\system32\drivers\wfplwfs.sys - Ok
c:\windows\system32\drivers\fvevol.sys - Ok
c:\windows\system32\drivers\atipcie64.sys - Ok
c:\windows\system32\drivers\volsnap.sys - Ok
c:\windows\system32\drivers\rdyboost.sys - Ok
c:\windows\system32\drivers\mup.sys - Ok
c:\windows\system32\drivers\disk.sys - Ok
c:\windows\system32\drivers\classpnp.sys - Ok
c:\windows\system32\drivers\aswvmm.sys - Ok
c:\windows\system32\drivers\aswrvrt.sys - Ok
c:\windows\system32\drivers\crashdmp.sys - Ok
c:\windows\system32\drivers\cdrom.sys - Ok
c:\windows\system32\drivers\aswsnx.sys - Ok
c:\windows\system32\drivers\null.sys - Ok
c:\windows\system32\drivers\beep.sys - Ok
c:\windows\system32\drivers\basicrender.sys - Ok
c:\windows\system32\drivers\dxgkrnl.sys - Ok
c:\windows\system32\drivers\watchdog.sys - Ok
c:\windows\system32\drivers\dxgmms1.sys - Ok
c:\windows\system32\drivers\basicdisplay.sys - Ok
c:\windows\system32\drivers\npfs.sys - Ok
c:\windows\system32\drivers\msfs.sys - Ok
c:\windows\system32\drivers\tdx.sys - Ok
c:\windows\system32\drivers\tdi.sys - Ok
c:\windows\system32\drivers\aswtdi.sys - Ok
c:\windows\system32\drivers\netbt.sys - Ok
c:\windows\system32\drivers\aswrdr2.sys - Ok
c:\windows\system32\drivers\afd.sys - Ok
c:\windows\system32\drivers\pacer.sys - Ok
c:\windows\system32\drivers\netbios.sys - Ok
c:\windows\system32\drivers\rdbss.sys - Ok
c:\windows\system32\drivers\wanarp.sys - Ok
c:\windows\system32\drivers\nsiproxy.sys - Ok
c:\windows\system32\drivers\npsvctrig.sys - Ok
c:\windows\system32\drivers\mssmbios.sys - Ok
c:\windows\system32\drivers\discache.sys - Ok
c:\windows\system32\drivers\dfsc.sys - Ok
c:\windows\system32\drivers\aswsp.sys - Ok
c:\windows\system32\drivers\ndistapi.sys - Ok
c:\windows\system32\drivers\ndiswan.sys - Ok
c:\windows\system32\drivers\rassstp.sys - Ok
c:\windows\system32\drivers\agilevpn.sys - Ok
c:\windows\system32\drivers\tunnel.sys - Ok
c:\windows\system32\drivers\compositebus.sys - Ok
c:\windows\system32\drivers\kdnic.sys - Ok
c:\windows\system32\drivers\umbus.sys - Ok
c:\windows\system32\drivers\atikmpag.sys - Ok
c:\windows\system32\drivers\atikmdag.sys - Ok
c:\windows\system32\drivers\hdaudbus.sys - Ok
c:\windows\system32\drivers\rt630x64.sys - Ok
c:\windows\system32\drivers\usbxhci.sys - Ok
c:\windows\system32\drivers\ucx01000.sys - Ok
c:\windows\system32\drivers\usbohci.sys - Ok
c:\windows\system32\drivers\usbport.sys - Ok
c:\windows\system32\drivers\fastfat.sys - Ok
c:\windows\system32\drivers\usbfilter.sys - Ok
c:\windows\system32\drivers\usbehci.sys - Ok
c:\windows\system32\drivers\amdppm.sys - Ok
c:\windows\system32\drivers\wmiacpi.sys - Ok
c:\windows\system32\drivers\raspptp.sys - Ok
c:\windows\system32\drivers\rasl2tp.sys - Ok
c:\windows\system32\drivers\raspppoe.sys - Ok
c:\windows\system32\drivers\swenum.sys - Ok
c:\windows\system32\drivers\ks.sys - Ok
c:\windows\system32\drivers\rdpbus.sys - Ok
c:\windows\system32\drivers\ndproxy.sys - Ok
c:\windows\system32\drivers\usbhub.sys - Ok
c:\windows\system32\drivers\usbd.sys - Ok
c:\windows\system32\drivers\usbhub3.sys - Ok
c:\windows\system32\drivers\rtkvhd64.sys - Ok
c:\windows\system32\drivers\portcls.sys - Ok
c:\windows\system32\drivers\drmk.sys - Ok
c:\windows\system32\drivers\ksthunk.sys - Ok
c:\windows\system32\drivers\atihdw86.sys - Ok
c:\windows\system32\drivers\dump_diskdump.sys - file not found
c:\windows\system32\drivers\dump_amd_sata.sys - file not found
c:\windows\system32\drivers\dump_dumpfve.sys - file not found
c:\windows\system32\drivers\usbccgp.sys - Ok
c:\windows\system32\drivers\hidusb.sys - Ok
c:\windows\system32\drivers\hidclass.sys - Ok
c:\windows\system32\drivers\hidparse.sys - Ok
c:\windows\system32\drivers\kbdhid.sys - Ok
c:\windows\system32\drivers\kbdclass.sys - Ok
c:\windows\system32\drivers\mouhid.sys - Ok
c:\windows\system32\drivers\mouclass.sys - Ok
c:\windows\system32\drivers\rtsustor.sys - Ok
c:\windows\system32\drivers\usbstor.sys - Ok
c:\windows\system32\win32k.sys - Ok
c:\windows\system32\tsddd.dll - Ok
c:\windows\system32\atmfd.dll - Ok
c:\windows\system32\drivers\luafv.sys - Ok
c:\windows\system32\drivers\aswmonflt.sys - Ok
c:\windows\system32\drivers\aswfsblk.sys - Ok
c:\windows\system32\drivers\monitor.sys - Ok
c:\windows\system32\drivers\usbscan.sys - Ok
c:\windows\system32\drivers\usbprint.sys - Ok
c:\windows\system32\drivers\appexdrv.sys - Ok
c:\windows\system32\drivers\lltdio.sys - Ok
c:\windows\system32\drivers\rspndr.sys - Ok
c:\windows\system32\drivers\condrv.sys - Ok
>c:\windows\system32\drivers\http.sys is BINARYRES container
c:\windows\system32\drivers\http.sys - container
c:\windows\system32\drivers\bowser.sys - Ok
c:\windows\system32\drivers\mpsdrv.sys - Ok
c:\windows\system32\drivers\mrxsmb.sys - Ok
c:\windows\system32\drivers\mrxsmb10.sys - Ok
c:\windows\system32\drivers\mrxsmb20.sys - Ok
c:\windows\system32\drivers\ndu.sys - Ok
c:\windows\system32\drivers\peauth.sys - Ok
c:\windows\system32\drivers\secdrv.sys - Ok
c:\windows\system32\drivers\srvnet.sys - Ok
c:\windows\system32\drivers\tcpipreg.sys - Ok
c:\windows\system32\drivers\srv2.sys - Ok
c:\windows\system32\drivers\srv.sys - Ok
c:\windows\system32\drivers\wudfpf.sys - Ok
c:\windows\system32\drivers\wudfrd.sys - Ok
c:\windows\system32\drivers\wpdupfltr.sys - Ok
c:\windows\system32\drivers\umpass.sys - Ok
c:\windows\system32\drivers\asyncmac.sys - Ok
c:\windows\system32\cdd.dll - Ok
c:\users\home\appdata\local\temp\6288884671.sys - file not found
c:\users\home\appdata\local\temp\6289575d44.sys - file not found
System Idle Process - file not found
System Process - file not found
c:\windows\system32\smss.exe - Ok
c:\windows\system32\csrss.exe - Ok
c:\windows\system32\wininit.exe - Ok
c:\windows\system32\services.exe - Ok
c:\windows\system32\lsass.exe - Ok
c:\windows\system32\svchost.exe - Ok
c:\windows\system32\atiesrxx.exe - Ok
c:\program files\avast software\avast\avastsvc.exe - Ok
c:\windows\system32\spoolsv.exe - Ok
c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe - Ok
c:\windows\system32\dashost.exe - Ok
c:\windows\system32\lxducoms.exe - Ok
c:\windows\system32\dllhost.exe - Ok
c:\windows\system32\wudfhost.exe - Ok
c:\program files (x86)\realtek\realtek usb 2.0 card reader\riconman.exe - Ok
c:\program files (x86)\nero\update\nasvc.exe - Ok
c:\windows\system32\searchindexer.exe - Ok
c:\program files\windows media player\wmpnetwk.exe - Ok
c:\windows\system32\taskhost.exe - Ok
c:\program files\avast software\avast\avastui.exe - Ok
c:\program files\gateway\gateway power management\epowersvc.exe - Ok
c:\windows\system32\winlogon.exe - Ok
c:\windows\system32\dwm.exe - Ok
c:\windows\system32\atieclxx.exe - Ok
c:\windows\system32\taskhostex.exe - Ok
c:\windows\system32\taskeng.exe - Ok
c:\windows\explorer.exe - Ok
c:\program files (x86)\gateway\hotkey utility\hotkeyutility.exe - Ok
c:\windows\system32\searchprotocolhost.exe - Ok
c:\program files (x86)\google\chrome\application\chrome.exe - Ok
>c:\program files\realtek\audio\hda\ravcpl64.exe - packed by BINARYRES
c:\program files\realtek\audio\hda\ravcpl64.exe - Ok
c:\program files (x86)\lexmark 5600-6600 series\lxdumon.exe - Ok
c:\program files (x86)\lexmark 5600-6600 series\ezprint.exe - Ok
>c:\users\home\appdata\roaming\utorrent\utorrent.exe - packed by UPX
>>c:\users\home\appdata\roaming\utorrent\utorrent.exe is BINARYRES container
>>>c:\users\home\appdata\roaming\utorrent\utorrent.exe\data001 - packed by UPX
>>>c:\users\home\appdata\roaming\utorrent\utorrent.exe\data002 - packed by UPX
c:\users\home\appdata\roaming\utorrent\utorrent.exe - container
c:\users\home\appdata\roaming\utorrent\virusguard\bittorrentantivirus.exe - Ok
c:\program files (x86)\divx\divx update\divxupdate.exe - Ok
c:\program files\gateway\gateway power management\epowertray.exe - Ok
>c:\users\home\desktop\otl.exe - packed by PECOMPACT
c:\users\home\desktop\otl.exe - Ok
c:\windows\system32\notepad.exe - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\mom.exe - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\ccc.exe - Ok
c:\windows\syswow64\wwahost.exe - Ok
c:\windows\system32\searchfilterhost.exe - Ok
c:\windows\system32\audiodg.exe - Ok
>c:\users\home\downloads\qi5sx3mz.exe is BINARYRES container
>>c:\users\home\downloads\qi5sx3mz.exe\data001 - packed by BINARYRES
>>c:\users\home\downloads\qi5sx3mz.exe\data002 - packed by BINARYRES
c:\users\home\downloads\qi5sx3mz.exe - container
c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\m3po52l3.exe - Ok
>c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\z61xi9zy.exe is BINARYRES container
c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\z61xi9zy.exe - container
c:\windows\system32\wbem\wmiprvse.exe - Ok
c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\j9nit82x.exe - Ok
c:\windows\system32\ntdll.dll - Ok
c:\windows\system32\bcryptprimitives.dll - Ok
c:\windows\system32\cryptbase.dll - Ok
c:\windows\system32\sxs.dll - Ok
c:\windows\system32\sxssrv.dll - Ok
c:\windows\system32\winsrv.dll - Ok
c:\windows\system32\basesrv.dll - Ok
c:\windows\system32\csrsrv.dll - Ok
c:\windows\system32\kernelbase.dll - Ok
c:\windows\system32\kernel32.dll - Ok
c:\windows\system32\rpcrt4.dll - Ok
c:\windows\system32\gdi32.dll - Ok
c:\windows\system32\user32.dll - Ok
c:\windows\system32\mswsock.dll - Ok
c:\windows\system32\sspicli.dll - Ok
c:\windows\system32\wininitext.dll - Ok
c:\windows\system32\profapi.dll - Ok
c:\windows\system32\sechost.dll - Ok
c:\windows\system32\msvcrt.dll - Ok
c:\windows\system32\nsi.dll - Ok
c:\windows\system32\ws2_32.dll - Ok
c:\windows\system32\avrt.dll - Ok
c:\windows\system32\apphelp.dll - Ok
c:\windows\system32\authz.dll - Ok
c:\windows\system32\scesrv.dll - Ok
c:\windows\system32\spinf.dll - Ok
c:\windows\system32\srvcli.dll - Ok
c:\windows\system32\ubpm.dll - Ok
c:\windows\system32\scext.dll - Ok
c:\windows\system32\wtsapi32.dll - Ok
c:\windows\system32\winsta.dll - Ok
c:\windows\system32\powrprof.dll - Ok
c:\windows\system32\vaultsvc.dll - Ok
c:\windows\system32\certpoleng.dll - Ok
c:\windows\system32\keyiso.dll - Ok
c:\windows\system32\dssenh.dll - Ok
c:\windows\system32\ncryptprov.dll - Ok
c:\windows\system32\ncryptsslp.dll - Ok
c:\windows\system32\dsparse.dll - Ok
c:\windows\system32\winnsi.dll - Ok
c:\windows\system32\iphlpapi.dll - Ok
c:\windows\system32\wkscli.dll - Ok
c:\windows\system32\wevtapi.dll - Ok
c:\windows\system32\dpapi.dll - Ok
c:\windows\system32\gpapi.dll - Ok
c:\windows\system32\netutils.dll - Ok
c:\windows\system32\scecli.dll - Ok
c:\windows\system32\dpapisrv.dll - Ok
c:\windows\system32\efslsaext.dll - Ok
c:\windows\system32\livessp.dll - Ok
c:\windows\system32\pku2u.dll - Ok
c:\windows\system32\tspkg.dll - Ok
c:\windows\system32\rsaenh.dll - Ok
c:\windows\system32\wdigest.dll - Ok
c:\windows\system32\schannel.dll - Ok
c:\windows\system32\userenv.dll - Ok
c:\windows\system32\logoncli.dll - Ok
c:\windows\system32\dnsapi.dll - Ok
c:\windows\system32\netlogon.dll - Ok
c:\windows\system32\msv1_0.dll - Ok
c:\windows\system32\cryptsp.dll - Ok
c:\windows\system32\kerberos.dll - Ok
c:\windows\system32\cryptdll.dll - Ok
c:\windows\system32\negoexts.dll - Ok
c:\windows\system32\netjoin.dll - Ok
c:\windows\system32\msprivs.dll - Ok
c:\windows\system32\ntasn1.dll - Ok
c:\windows\system32\ncrypt.dll - Ok
c:\windows\system32\bcrypt.dll - Ok
c:\windows\system32\samsrv.dll - Ok
c:\windows\system32\lsasrv.dll - Ok
c:\windows\system32\sspisrv.dll - Ok
c:\windows\system32\msasn1.dll - Ok
c:\windows\system32\crypt32.dll - Ok
c:\windows\system32\advapi32.dll - Ok
c:\windows\system32\combase.dll - Ok
c:\windows\system32\actxprxy.dll - Ok
c:\windows\system32\wmsgapi.dll - Ok
c:\windows\system32\sysntfy.dll - Ok
c:\windows\system32\psmsrv.dll - Ok
c:\windows\system32\lsm.dll - Ok
c:\windows\system32\bisrv.dll - Ok
c:\windows\system32\rpcss.dll - Ok
c:\windows\system32\hid.dll - Ok
c:\windows\system32\pcwum.dll - Ok
c:\windows\system32\umpoext.dll - Ok
c:\windows\system32\umpo.dll - Ok
c:\windows\system32\devrtl.dll - Ok
c:\windows\system32\umpnpmgr.dll - Ok
c:\windows\system32\cfgmgr32.dll - Ok
c:\windows\system32\clbcatq.dll - Ok
c:\windows\system32\oleaut32.dll - Ok
c:\windows\system32\fwpuclnt.dll - Ok
c:\windows\system32\firewallapi.dll - Ok
c:\windows\system32\rpcrtremote.dll - Ok
c:\windows\system32\rpcepmap.dll - Ok
>c:\windows\system32\ole32.dll is BINARYRES container
c:\windows\system32\ole32.dll - container
c:\windows\system32\psapi.dll - Ok
c:\windows\system32\rtkapo64.dll - Ok
c:\windows\system32\tquery.dll - Ok
c:\windows\system32\audiokse.dll - Ok
c:\windows\system32\wmalfxgfxdsp.dll - Ok
c:\windows\system32\audioses.dll - Ok
c:\windows\system32\deviceaccess.dll - Ok
>c:\windows\system32\mfplat.dll - packed by PESTUB
c:\windows\system32\mfplat.dll - Ok
c:\windows\system32\cabinet.dll - Ok
c:\windows\system32\wuapi.dll - Ok
c:\windows\system32\wscsvc.dll - Ok
c:\windows\system32\twinapi.dll - Ok
c:\windows\system32\dbghelp.dll - Ok
c:\windows\system32\fdproxy.dll - Ok
c:\windows\system32\p2p.dll - Ok
c:\windows\system32\provsvc.dll - Ok
c:\windows\system32\wbem\wbemsvc.dll - Ok
c:\windows\system32\wbem\fastprox.dll - Ok
c:\windows\system32\wbem\wbemprox.dll - Ok
c:\windows\system32\npmproxy.dll - Ok
c:\windows\system32\napinsp.dll - Ok
c:\windows\system32\pnrpnsp.dll - Ok
c:\windows\system32\winrnr.dll - Ok
c:\windows\system32\audioeng.dll - Ok
c:\windows\system32\wbemcomn.dll - Ok
c:\windows\system32\fundisc.dll - Ok
c:\windows\system32\winhttp.dll - Ok
c:\windows\system32\rasadhlp.dll - Ok
c:\windows\system32\idstore.dll - Ok
c:\windows\system32\propsys.dll - Ok
c:\windows\system32\samlib.dll - Ok
c:\windows\system32\shacct.dll - Ok
c:\windows\system32\dhcpcsvc.dll - Ok
c:\windows\system32\dhcpcsvc6.dll - Ok
c:\windows\system32\xmllite.dll - Ok
c:\windows\system32\dhcpcore6.dll - Ok
c:\windows\system32\wmiclnt.dll - Ok
c:\windows\system32\wcmcsp.dll - Ok
c:\windows\system32\dhcpcore.dll - Ok
c:\windows\system32\wcmsvc.dll - Ok
c:\windows\system32\nrpsrv.dll - Ok
c:\windows\system32\audiosrv.dll - Ok
c:\windows\system32\mmdevapi.dll - Ok
#8
sidhedraoi

part 3)
#9
sidhedraoi

part 4) (sorry, REALLY long report, and for some reason could not just upload the whole file for you)
c:\windows\syswow64\olepro32.dll - Ok
c:\windows\syswow64\devdispitemprovider.dll - Ok
c:\windows\syswow64\dsrole.dll - Ok
c:\windows\syswow64\vsstrace.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\log.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\log.foundation.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\mom.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\log.foundation.implementation.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\mom.implementation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\log.foundation.implementation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\newaem.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\ccc.implementation.dll - Ok
c:\windows\microsoft.net\assembly\gac_64\system.web\v4.0_4.0.0.0__b03f5f7f11d50a3a\system.web.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system.windows.forms\91baa8291ae5873141b15f66d05888a4\system.windows.forms.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\mscorlib\ab0a8fc3d086a3aaf942f366a12a9185\mscorlib.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system\84008211017a9909ffd971633716ffc5\system.ni.dll - Ok
c:\windows\microsoft.net\framework64\v4.0.30319\clr.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system.runt73a1fc9d#\77f6ab0fdc009b7ca96cc0c7d228da06\system.runtime.remoting.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system.drawing\810a79f22ac4d44804984e417c380706\system.drawing.ni.dll - Ok
c:\windows\microsoft.net\framework64\v4.0.30319\clrjit.dll - Ok
c:\windows\system32\msvcr110_clr0400.dll - Ok
c:\windows\microsoft.net\framework64\v4.0.30319\mscoreei.dll - Ok
c:\windows\system32\mscoree.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.runtime.shared.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.gd.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.server.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.foundation.xmanifest.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.foundation.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.audio.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.runtime.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aticccom.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.server.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.foundation.coreaudioapi.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\adl.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.amdhome.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.customformatselection.graphics.dashboard.shared.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.dashboard.profilemanager2.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.multivpu2.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.displaysoptions.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.infocentre.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.updatenotification.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0601.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.deviceproperty.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.source.kit.server.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.dppe.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.hotkeys.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.winmessages.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.reg.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0709.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.displayscolour2.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.plugin.eeu.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.devicelcd.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.devicecrt.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.graphics.runtime.shared.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.displayscolour2.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.wifi.fuel.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.devicecrt.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.transcode.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0912.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0706.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0712.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.deviceproperty.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.combined.graphics.aspects2.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i1011.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.devicedfp.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.devicedfp.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.customformats.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0812.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0805.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.powerplaydppe.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.radeon3d.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0906.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.radeon3d.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.mmvideo.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.mmvideo.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.powerplaydppe.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\fuel.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.dppe.fuel.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.transcode.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\atixclib.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.amdhome.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.amdhome.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.fets.fuel.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.hotkeyshandling.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.combined.fusion.aspects.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.fuel.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.hotkeyshandling.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.updatenotification.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.updatenotification.graphics.shared.dll - Ok
c:\program files\ati technologies\ati.ace\fuel\fuel.implementationnet4.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.foundation.client.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.fuel.shared.dll - Ok
c:\windows\system32\atidemgy.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i1010.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\aem.actions.ccaa.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.graphics.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.cpupstates.fuel.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\dem.graphics.i0804.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\resourcemanagement.foundation.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\localization.foundation.implementation.default_localization.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\localization.foundation.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.client.shared.private.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.cpuoverdrive.fuel.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\apm.foundation.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.runtime.extension.eeu.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.cpuoverdrive.fuel.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.platform.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.hydravision.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.platform.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.amdoverdrive.platform.runtime.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.amdoverdrive.platform.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.overdrive5.graphics.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.hydravision.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\apm.server.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.client.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.dashboard.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.graphics.dashboard.shared.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.amdoverdrive.platform.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.cpuoverdrive.fuel.dashboard.dll - Ok
>c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.dashboard.dll is ZLIB container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.dashboard.dll - container
>c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.dashboard.shared.private.dll is ZLIB container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.dashboard.shared.private.dll - container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.component.systemtray.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.combined.graphics.aspects1.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.displaysmanager.graphics.dashboard.dll - Ok
>c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.crossdisplay.graphics.dashboard.dll is ZLIB container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.crossdisplay.graphics.dashboard.dll - container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.devicedfp.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.transcode.graphics.dashboard.dll - Ok
>c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.mmvideo.graphics.dashboard.dll is ZLIB container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.mmvideo.graphics.dashboard.dll - container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.audio.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.fuel.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.user.fuel.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.fets.fuel.dashboard.dll - Ok
>c:\program files (x86)\ati technologies\ati.ace\core-static\resourcemanagement.foundation.implementation.dll is ZLIB container
c:\program files (x86)\ati technologies\ati.ace\core-static\resourcemanagement.foundation.implementation.dll - container
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.radeon3d.graphics.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.wifi.fuel.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.dppe.fuel.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.cpupstates.fuel.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.platform.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.caste.hydravision.dashboard.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\microsoft.windowsapicodepack.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\microsoft.windowsapicodepack.shell.dll - Ok
c:\windows\microsoft.net\assembly\gac_msil\presentationframework-systemxml\v4.0_4.0.0.0__b77a5c561934e089\presentationframework-systemxml.dll - Ok
c:\windows\microsoft.net\assembly\gac_msil\windowsformsintegration\v4.0_4.0.0.0__31bf3856ad364e35\windowsformsintegration.dll - Ok
c:\program files (x86)\ati technologies\ati.ace\core-static\cli.aspect.deviceproperty.graphics.dashboard.shared.dll - Ok
c:\windows\system32\atiumd6a.dll - Ok
c:\windows\system32\atiumd64.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\presentatio5ae0f00f#\5ae84452122e5ba9f9157164ec4e1452\presentationframework.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\presentationcore\ccb0cf23d8607c241d292c922aaa9061\presentationcore.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\windowsbase\2c9293b1f1b691c2b1c5ae92d581532d\windowsbase.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system.core\a51eab8159bbe5f0cd2713f383468750\system.core.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system.xml\17fa9b078e78b857f6c5f5a8081220ae\system.xml.ni.dll - Ok
c:\windows\system32\d3d9.dll - Ok
c:\windows\microsoft.net\framework64\v4.0.30319\wpf\wpfgfx_v0400.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system.xaml\a26ad1493f4f8621e90811cb38ad22e2\system.xaml.ni.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\system.configuration\196905ff422a58f4cb735f4156b1ecaa\system.configuration.ni.dll - Ok
c:\windows\microsoft.net\framework64\v4.0.30319\wpf\presentationnative_v0400.dll - Ok
c:\windows\system32\mscms.dll - Ok
c:\windows\system32\windowscodecsext.dll - Ok
c:\windows\system32\icm32.dll - Ok
c:\program files\ati technologies\ati.ace\fuel\fuel.proxy.native.dll - Ok
c:\windows\assembly\nativeimages_v4.0.30319_64\presentatioaec034ca#\9fb849115fa37e6b107e1d9799ad83da\presentationframework.aero2.ni.dll - Ok
c:\windows\system32\atiu9p64.dll - Ok
c:\windows\syswow64\winmetadata\windows.foundation.winmd - Ok
c:\windows\syswow64\winmetadata\windows.ui.winmd - Ok
c:\windows\syswow64\winmetadata\windows.applicationmodel.winmd - Ok
c:\windows\syswow64\winmetadata\windows.security.winmd - Ok
c:\program files\windowsapps\microsoft.skypeapp_1.8.0.111_x86__kzf8qxf38zg5c\libwrap.winmd - Ok
c:\windows\syswow64\winmetadata\windows.storage.winmd - Ok
c:\program files\windowsapps\microsoft.skypeapp_1.8.0.111_x86__kzf8qxf38zg5c\libwrap.dll - Ok
c:\windows\syswow64\mshtml.dll - Ok
c:\windows\syswow64\windows.networking.connectivity.dll - Ok
c:\windows\syswow64\windows.networking.dll - Ok
c:\program files\windowsapps\microsoft.vclibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\msvcr110.dll - Ok
c:\program files\windowsapps\microsoft.vclibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\msvcp110.dll - Ok
c:\program files\windowsapps\microsoft.vclibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\vccorlib110.dll - Ok
c:\windows\syswow64\d2d1.dll - Ok
c:\windows\syswow64\jscript9.dll - Ok
c:\windows\syswow64\windows.storage.applicationdata.dll - Ok
c:\windows\syswow64\vaultcli.dll - Ok
c:\windows\syswow64\dcomp.dll - Ok
c:\windows\syswow64\ninput.dll - Ok
c:\windows\syswow64\windows.ui.dll - Ok
c:\windows\syswow64\wwaapi.dll - Ok
c:\windows\syswow64\biwinrt.dll - Ok
c:\windows\syswow64\dwrite.dll - Ok
c:\windows\syswow64\mrmcorer.dll - Ok
c:\windows\syswow64\rometadata.dll - Ok
c:\windows\syswow64\bcp47langs.dll - Ok
c:\windows\syswow64\wintypes.dll - Ok
c:\windows\syswow64\msimtf.dll - Ok
c:\windows\syswow64\msv1_0.dll - Ok
c:\windows\syswow64\pdh.dll - Ok
>c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\1u3dg483.dll is BINARYRES container
>>c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\1u3dg483.dll\data003 - packed by BINARYRES
>>c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\1u3dg483.dll\data004 - packed by BINARYRES
c:\users\home\appdata\local\temp\a9650260-3a2e3b57-de0fb9df-aee1be\1u3dg483.dll - container
c:\program files (x86)\gateway\live updater\updater.exe - Ok
c:\windows\system32\wermgr.exe - Ok
c:\windows\system32\sc.exe - Ok
c:\windows\system32\srtasks.exe - Ok
c:\windows\system32\raserver.exe - Ok
c:\windows\system32\gathernetworkinfo.vbs - Ok
c:\windows\system32\defrag.exe - Ok
c:\windows\system32\bthudtask.exe - Ok
c:\windows\system32\aitagent.exe - Ok
c:\windows\system32\appidpolicyconverter.exe - Ok
c:\users\kids\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
c:\users\home\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
c:\users\adrienne\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
c:\programdata\microsoft\windows\start menu\programs\startup\desktop.ini - Ok
c:\program files (x86)\windows defender\mpclient.dll - Ok
c:\windows\system32\wwanadvui.dll - Ok
c:\windows\system32\dfdwiz.exe - Ok
c:\windows\system32\ime\shared\imecfmui.exe - Ok
c:\windows\system32\wabsyncprovider.dll - Ok
c:\windows\system32\ime\shared\imewdbld.exe - Ok
c:\windows\system32\oobe\winlgdep.dll - Ok
c:\windows\system32\smsrouter.dll - Ok
c:\windows\system32\windows.graphics.dll - Ok
c:\windows\system32\userlanguagescpl.dll - Ok
c:\windows\system32\msvideodsp.dll - Ok
c:\windows\system32\ime\imetc\imtccore.dll - Ok
c:\windows\system32\shwebsvc.dll - Ok
c:\windows\system32\oobe\msoobedui.dll - Ok
c:\windows\system32\wmp.dll - Ok
c:\windows\system32\dot3mm.dll - Ok
c:\windows\system32\aeevts.dll - Ok
c:\windows\system32\stikynot.exe - Ok
c:\windows\system32\oobe\msoobe.exe - Ok
c:\windows\system32\aclui.dll - Ok
c:\windows\system32\wcnwiz.dll - Ok
c:\windows\system32\windows.graphics.printing.dll - Ok
c:\windows\system32\vaultcli.dll - Ok
c:\windows\system32\wisp.dll - Ok
c:\windows\system32\ime\shared\imebroker.exe - Ok
c:\windows\system32\sdiageng.dll - Ok
c:\windows\system32\ime\imekr\imkrtip.dll - Ok
c:\windows\system32\glcndfilter.dll - Ok
c:\windows\system32\windowsanytimeupgraderesults.exe - Ok
c:\windows\system32\deviceuxres.dll - Ok
>c:\windows\system32\apds.dll is ZLIB container
c:\windows\system32\apds.dll - container
c:\windows\system32\hotspotauth.dll - Ok
c:\windows\system32\damm.dll - Ok
c:\windows\system32\ime\imejp\imjplmp.dll - Ok
c:\windows\system32\authhost.exe - Ok
c:\windows\system32\sensorperformanceevents.dll - Ok
c:\windows\system32\ttlsauth.dll - Ok
>c:\windows\system32\ime\imetc\imtctip.dll - packed by BINARYRES
c:\windows\system32\ime\imetc\imtctip.dll - Ok
c:\windows\system32\wlandlg.dll - Ok
c:\windows\system32\ime\imesc\imscdiccompiler.exe - Ok
c:\windows\system32\websocket.dll - Ok
c:\windows\system32\microsoft-windows-processor-aggregator-events.dll - Ok
c:\windows\system32\wlanpref.dll - Ok
c:\windows\system32\documentperformanceevents.dll - Ok
c:\windows\system32\magnification.dll - Ok
c:\windows\system32\intl.cpl - Ok
c:\windows\microsoft.net\framework64\v4.0.30319\microsoft.windows.applicationserver.applications.dll - Ok
c:\program files (x86)\common files\microsoft shared\ink\mshwlatin.dll - Ok
>c:\windows\system32\ime\imesc\imsctip.dll - packed by BINARYRES
c:\windows\system32\ime\imesc\imsctip.dll - Ok
c:\windows\system32\windows.ui.input.inking.dll - Ok
c:\windows\system32\connect.dll - Ok
c:\windows\system32\wmphoto.dll - Ok
c:\windows\system32\ime\shared\imetip.dll - Ok
c:\program files (x86)\common files\microsoft shared\ink\mraut.dll - Ok
c:\windows\system32\genuinecenter.dll - Ok
c:\windows\system32\playtomanager.dll - Ok
c:\windows\system32\appxpackaging.dll - Ok
c:\windows\system32\windows.networking.backgroundtransfer.dll - Ok
c:\windows\system32\mfcaptureengine.dll - Ok
c:\windows\system32\mfplay.dll - Ok
c:\windows\system32\fhuxcommon.dll - Ok
c:\windows\system32\powercpl.dll - Ok
c:\windows\system32\mssha.dll - Ok
c:\windows\system32\msmpeg2vdec.dll - Ok
c:\windows\system32\werfault.exe - Ok
c:\windows\system32\onex.dll - Ok
c:\windows\system32\ocsetup.exe - Ok
c:\windows\system32\spaceagent.exe - Ok
c:\windows\system32\wsmres.dll - Ok
c:\windows\system32\mf.dll - Ok
c:\windows\system32\microsoft-windows-pdc.dll - Ok
>c:\windows\immersivecontrolpanel\systemsettings.exe is ZLIB container
c:\windows\immersivecontrolpanel\systemsettings.exe - container
c:\windows\system32\setupetw.dll - Ok
c:\windows\system32\msdt.exe - Ok
c:\windows\system32\msvproc.dll - Ok
c:\windows\system32\wsqmcons.exe - Ok
c:\windows\system32\windows.ui.dll - Ok
c:\windows\system32\windowspowershell\v1.0\psevents.dll - Ok
c:\windows\system32\powercfg.cpl - Ok
>c:\windows\system32\webcamui.dll is ZLIB container
c:\windows\system32\webcamui.dll - container
c:\windows\system32\d3d10core.dll - Ok
c:\windows\system32\windows.devices.geolocation.dll - Ok
c:\windows\system32\wwahost.exe - Ok
c:\windows\system32\actioncentercpl.dll - Ok
c:\windows\system32\provcore.dll - Ok
c:\windows\system32\sdiagprv.dll - Ok
c:\windows\system32\easwrt.dll - Ok
c:\windows\system32\rmapi.dll - Ok
c:\windows\system32\mblctr.exe - Ok
c:\windows\system32\mfmediaengine.dll - Ok
c:\windows\system32\windows.media.dll - Ok
c:\windows\system32\ime\imejp\imjptip.dll - Ok
c:\windows\system32\portabledevicestatus.dll - Ok
c:\windows\system32\kdscli.dll - Ok
>c:\windows\system32\uiribbon.dll is ZLIB container
c:\windows\system32\uiribbon.dll - container
c:\windows\system32\l2nacp.dll - Ok
c:\windows\system32\settingsync.dll - Ok
c:\windows\system32\srh.dll - Ok
c:\windows\system32\wpninprc.dll - Ok
c:\windows\system32\napipsec.dll - Ok
c:\windows\system32\mp4sdecd.dll - Ok
c:\windows\system32\d3d10level9.dll - Ok
c:\program files (x86)\internet explorer\iedvtool.dll - Ok
c:\windows\system32\ime\shared\mscand20.dll - Ok
c:\program files (x86)\windows media player\wmpnssui.dll - Ok
c:\windows\system32\hotstartuseragent.dll - Ok
c:\windows\system32\winmde.dll - Ok
c:\program files (x86)\windows photo viewer\photoacq.dll - Ok
c:\windows\system32\setupcl.exe - Ok
c:\windows\system32\oobe\windeploy.exe - Ok
c:\windows\system32\oobe\oobeldr.exe - Ok
c:\windows\system32\sysprep\sysprep.exe - Ok
c:\windows\system32\oobe\cmisetup.dll - Ok
c:\windows\system32\oobe\audit.exe - Ok
c:\windows\system32\setupugc.exe - Ok
c:\windows\system32\dismapi.dll - Ok
c:\windows\system32\ime\imekr\imkrapi.dll - Ok
c:\windows\system32\speech\engines\tts\msttsengine.dll - Ok
>c:\windows\system32\timedate.cpl is ZLIB container
c:\windows\system32\timedate.cpl - container
c:\windows\system32\rfxvmt.dll - Ok
c:\windows\system32\dxpserver.exe - Ok
c:\windows\system32\wwanconn.dll - Ok
c:\windows\system32\display.dll - Ok
c:\windows\system32\windows.networking.dll - Ok
c:\windows\system32\connectedaccountstate.dll - Ok
c:\windows\system32\idctrls.dll - Ok
c:\windows\system32\slui.exe - Ok
c:\windows\system32\windows.web.dll - Ok
c:\windows\system32\netcenter.dll - Ok
c:\windows\system32\wevtfwd.dll - Ok
c:\windows\system32\bootux.dll - Ok
c:\windows\system32\sud.dll - Ok
c:\windows\system32\themecpl.dll - Ok
c:\program files (x86)\windows media player\wmpmediasharing.dll - Ok
c:\windows\system32\osbaseln.dll - Ok
c:\windows\system32\daotpcredentialprovider.dll - Ok
c:\windows\system32\wpnapps.dll - Ok
c:\windows\system32\rdrleakdiag.exe - Ok
c:\windows\system32\datusage.dll - Ok
c:\windows\system32\microsoft-windows-battery-events.dll - Ok
c:\windows\system32\jscript9.dll - Ok
c:\windows\system32\wmvdecod.dll - Ok
>c:\program files (x86)\windows nt\accessories\wordpad.exe is BINARYRES container
c:\program files (x86)\windows nt\accessories\wordpad.exe - container
c:\windows\system32\eqossnap.dll - Ok
c:\windows\system32\firewallcontrolpanel.dll - Ok
c:\windows\system32\drivers\umdf\hidbthle.dll - Ok
c:\windows\winstore\winstoreui.dll - Ok
c:\windows\system32\windows.ui.xaml.dll - Ok
c:\windows\system32\elshyph.dll - Ok
c:\windows\system32\msmpeg2adec.dll - Ok
c:\windows\system32\smbwmiv2.dll - Ok
c:\windows\system32\vaultroaming.dll - Ok
c:\windows\system32\pcaevts.dll - Ok
c:\windows\system32\mfreadwrite.dll - Ok
c:\windows\system32\sdiagschd.dll - Ok
c:\windows\system32\wmpdmc.exe - Ok
c:\windows\system32\tsmf.dll - Ok
c:\windows\system32\appxdeploymentserver.dll - Ok
c:\windows\system32\dxptaskringtone.dll - Ok
c:\windows\system32\simauth.dll - Ok
c:\windows\system32\appidapi.dll - Ok
c:\windows\system32\ime\imesc\imsccore.dll - Ok
c:\windows\system32\ime\imejp\imjppred.dll - Ok
c:\windows\system32\mprddm.dll - Ok
c:\windows\system32\mstextprediction.dll - Ok
c:\windows\system32\wbem\ntevt.dll - Ok
c:\windows\system32\sendmail.dll - Ok
c:\windows\system32\windows.system.profile.hardwareid.dll - Ok
c:\windows\system32\wlanmm.dll - Ok
c:\windows\system32\dccw.exe - Ok
c:\windows\system32\ime\imejp\imjpapi.dll - Ok
c:\windows\system32\usercpl.dll - Ok
c:\windows\system32\drivers\vwififlt.sys - Ok
c:\windows\system32\wmvencod.dll - Ok
c:\program files (x86)\common files\microsoft shared\ink\rtscom.dll - Ok
c:\windows\system32\dism.exe - Ok
c:\windows\system32\oobe\msoobeplugins.dll - Ok
c:\windows\system32\mbaeapipublic.dll - Ok
c:\windows\system32\oobe\msoobefirstlogonanim.dll - Ok
c:\windows\system32\tzutil.exe - Ok
c:\windows\system32\ninput.dll - Ok
c:\windows\system32\mbaeapi.dll - Ok
c:\windows\system32\mfh264enc.dll - Ok
c:\windows\system32\mbaeparsertask.exe - Ok
c:\windows\system32\printdialogs.dll - Ok
c:\windows\system32\rpchttp.dll - Ok
c:\windows\system32\dxptasksync.dll - Ok
c:\windows\system32\useraccountcontrolsettings.dll - Ok
c:\windows\system32\wlanconn.dll - Ok
c:\windows\system32\zipfldr.dll - Ok
c:\windows\system32\xaudio2_8.dll - Ok
c:\windows\system32\mspaint.exe - Ok
c:\windows\system32\consentux.dll - Ok
c:\windows\system32\ime\shared\imecfm.dll - Ok
c:\windows\system32\energy.dll - Ok
c:\windows\system32\wdfres.dll - Ok
c:\windows\system32\diagcpl.dll - Ok
c:\windows\system32\oleaccrc.dll - Ok
c:\windows\system32\displayswitch.exe - Ok
c:\windows\system32\portabledevicesyncprovider.dll - Ok
c:\windows\system32\taskmgr.exe - Ok
c:\windows\system32\msdtcvsp1res.dll - Ok
c:\windows\system32\ime\imejp\imjpset.exe - Ok
c:\windows\system32\discan.dll - Ok
c:\windows\system32\prflbmsg.dll - Ok
c:\windows\system32\speech\speechux\speechux.dll - Ok
c:\windows\system32\windows.globalization.dll - Ok
c:\windows\system32\tpmvsc.dll - Ok
c:\windows\system32\openwith.exe - Ok
c:\windows\system32\rdpcorets.dll - Ok
c:\windows\system32\mbsmsapi.dll - Ok
c:\windows\system32\oobe\msoobewirelessplugin.dll - Ok
c:\windows\system32\comres.dll - Ok
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looking good, so nothing was found. It will give a summary right at the end :)

Is the computer behaving normally now?

#11
sidhedraoi

sidhedraoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
OK, so I stopped copy/paste mid-report, like I said, REALLY long... don't know why I could not just upload the saved report to you... bottom line, end of report states:



Total 7236046775 bytes in 27089 files scanned (32182 objects)
Total 27044 files (32131 objects) are clean
Total 3 files are infected
Total 39 files are raised error condition
Scan time is 00:07:36.915

with 3 threats being detected
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, could you upload the entire report to MediaFire and post the sharing link? Did CureIt quarantine/delete the threats?
  • 1

#13
sidhedraoi

sidhedraoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts

Looking good, so nothing was found. It will give a summary right at the end :)

Is the computer behaving normally now


Dr Web asking to "Neutralize"

should I?(never like jumping ahead of you guys)
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes, neutralise them. I prefer "kill", it sounds more satisfying :)
  • 0

#15
sidhedraoi

sidhedraoi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 72 posts
http://www.mediafire...4jqmai84ne5vbbs

lol...I agree with KILL it

having issues with my Chrome window... don't know if it's related though... so don't worry about that...

have a great night

Edited by sidhedraoi, 23 August 2013 - 04:34 PM.
