Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014
Ran by dd (administrator) on DD-K on 24-06-2014 19:29:58
Running from C:\Documents and Settings\dd\My Documents\Downloads
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
() C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\Program Files\CE100 Dialer\ICard.exe
() C:\Program Files\CE100 Dialer\PcxSvr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33741424 2010-05-04] (VIA Technologies, Inc.)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2004-08-03] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-03] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-03] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-03] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [13529088 2008-05-02] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [86016 2008-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ISUSPM Startup] => c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768 2011-04-21] (Avira GmbH)
HKLM\...\Run: [QuickTime Task] => "c:\program files\quicktime\qttask.exe" -atboottime
HKLM\...\Run: [NeroFilterCheck] => c:\windows\system32\nerocheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ISUSScheduler] => c:\program files\common files\installshield\updateservice\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM\...\Run: [HaierDcService] => C:\Program Files\CE100 Dialer\Driver\HaierDcService.exe [96768 2009-08-11] ()
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1482476501-1637723038-725345543-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1482476501-1637723038-725345543-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\dd\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1000 J110 series.lnk -> C:\Program Files\HP\HP Deskjet 1000 J110 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\..\Interfaces\{B71C9C06-5A9A-49F9-B40D-2738871E7044}: [NameServer]118.98.44.100 202.134.1.10
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @leeuu.com/npgboxruner;version= - C:\Documents and Settings\dd\Application Data\gbox\npgboxruner.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\dd\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-01-22]
Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: google.co.id
CHR Extension: (Google Docs) - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-20]
CHR Extension: (Google Drive) - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-20]
CHR Extension: (YouTube) - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-20]
CHR Extension: (Google Search) - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]
CHR Extension: (Google Wallet) - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]
CHR Extension: (Gmail) - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20]
CHR HKLM\...\Chrome\Extension: [bpeeepmahhfjiediknjejcmcfmjcjdck] - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\serach.crx [2014-06-20]
CHR HKLM\...\Chrome\Extension: [dkdkpmmkgdbglmfmmmmehbkmnkopingb] - C:\Documents and Settings\dd\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\v9-toolbar.crx [2014-06-20]
========================== Services (Whitelisted) =================
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100352 2004-08-03] (Microsoft Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360 2011-04-21] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-21] (Avira GmbH)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-02-19] (Oracle Corporation)
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2005-05-04] (Microsoft Corporation) [File not signed]
S1684112708 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2004-08-03] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [19496 2010-04-27] ()
R1 avgio; C:\Program Files\Avira\AntiVir Desktop\avgio.sys [11608 2010-06-17] (Avira GmbH)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [66616 2011-07-21] (Avira GmbH)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [138192 2011-07-21] (Avira GmbH)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows ® Server 2003 DDK provider) [File not signed]
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [53208 2014-06-14] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-07-17] ()
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-06-15] (Duplex Secure Ltd.)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [223616 2004-08-03] (Microsoft Corporation)
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2134256 2010-04-24] (VIA Technologies, Inc.)
R3 wirelessusbser; C:\WINDOWS\System32\DRIVERS\3GDatausbser.sys [102656 2009-04-07] (QUALCOMM Incorporated)
U3 a2ewum2x; C:\WINDOWS\system32\Drivers\a2ewum2x.sys [0 ] (Microsoft Corporation)
S3 CT_SpeedUp_U_3.5G_SERM; system32\DRIVERS\CT_SpeedUp_U_3.5G_drv.sys [X]
S4 IntelIde; No ImagePath
U5 P3; C:\Windows\System32\Drivers\P3.sys [42496 2004-08-04] (Microsoft Corporation)
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 WINIO; \??\C:\RAAH73\ÉVé¦éóâtâHâïâ_\winio.sys [X]
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys A10C7534F7223F4A73A948967D00E69B
C:\WINDOWS\system32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5
C:\WINDOWS\System32\drivers\aec.sys 841F385C6CFAF66B58FBD898722BB4F0
C:\WINDOWS\System32\drivers\afd.sys 5AC495F4CB807B2B98AD2AD591E6D92E
C:\WINDOWS\System32\DRIVERS\AppleCharger.sys 75A8B998EB259DD512F01EA25BEC7F3B
C:\WINDOWS\System32\DRIVERS\asyncmac.sys 02000ABF34AF4C218C35D257024807D6
C:\WINDOWS\System32\DRIVERS\atapi.sys CDFE4411A69C224BD1D11B2DA92DAC51
C:\WINDOWS\System32\DRIVERS\atmarpc.sys EC88DA854AB7D7752EC8BE11A741BB7F
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\Program Files\Avira\AntiVir Desktop\avgio.sys 0B497C79824F8E1BF22FA6AACD3DE3A0
C:\WINDOWS\System32\DRIVERS\avgntflt.sys 1E4114685DE1FFA9675E09C6A1FB3F4B
C:\WINDOWS\System32\DRIVERS\avipbb.sys 0F78D3DAE6DEDD99AE54C9491C62ADF2
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 6163ED60B684BAB19D3352AB22FC48B2
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys CD7D5152DF32B47F4E36F710B35AAE02
C:\WINDOWS\System32\DRIVERS\cdrom.sys AF9C19B3100FE010496B1A27181FBF72
C:\WINDOWS\System32\DRIVERS\disk.sys 00CA44E4534865F8A3B64F7C0984BFF0
C:\WINDOWS\System32\drivers\dmboot.sys C0FBB516E06E243F0CF31F597E7EBF7D
C:\WINDOWS\System32\drivers\dmio.sys F5E7B358A732D09F4BCF2824B88B9E28
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys A6F881284AC1150E37D9AE47FF601267
C:\WINDOWS\System32\drivers\drmkaud.sys 1ED4DBBAE9F5D558DBBA4CC450E3EB2E
C:\WINDOWS\system32\Drivers\Fastfat.sys 3117F595E9615E04F05A54FC15A03B20
C:\WINDOWS\system32\Drivers\Fdc.sys CED2E8396A8838E59D8FD529C680E02C
C:\WINDOWS\system32\Drivers\Fips.sys E153AB8A11DE5452BCF5AC7652DBF3ED
C:\WINDOWS\system32\Drivers\Flpydisk.sys 0DD1DE43115B93F4D85E889D7A86F548
C:\WINDOWS\System32\DRIVERS\fltMgr.sys 157754F0DF355A9E0A6F54721914F9C6
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D
C:\WINDOWS\System32\DRIVERS\msgpc.sys C0F1D4A21DE5A415DF8170616703DEBF
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 3FCC124B6E08EE0E9351F717DD136939
C:\WINDOWS\System32\DRIVERS\hidusb.sys 1DE6783B918F540149AA69943BDFEBA8
C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys 06C01427CEAD2C285BB47608BFB9BF88
C:\WINDOWS\System32\Drivers\HTTP.sys C19B522A9AE0BBC3293397F3055E80A1
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 5502B58EEF7486EE6F93F3F164DCB808
C:\WINDOWS\System32\DRIVERS\imapi.sys F8AA320C6A0409C0380E5D8A99D76EC6
C:\WINDOWS\System32\DRIVERS\intelppm.sys 279FB78702454DFF2BB445F238C048D2
C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 4448006B6BC60E6C027932CFC38D6855
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys E1EC7F5DA720B640CD8FB8424F1B14BB
C:\WINDOWS\System32\DRIVERS\ipnat.sys B5A8E215AC29D24D60B4D1250EF05ACE
C:\WINDOWS\System32\DRIVERS\ipsec.sys 64537AA5C003A6AFEEE1DF819062D0D1
C:\WINDOWS\System32\DRIVERS\irenum.sys 50708DAA1B1CBB7D6AC1CF8F56A24410
C:\WINDOWS\System32\DRIVERS\isapnp.sys E504F706CCB699C2596E9A3DA1596E87
C:\WINDOWS\System32\DRIVERS\kbdclass.sys EBDEE8A2EE5393890A1ACEE971C4C246
C:\WINDOWS\System32\DRIVERS\kbdhid.sys E182FA8E49E8EE41B4ADC53093F3C7E6
C:\WINDOWS\System32\drivers\kmixer.sys D93CAD07C5683DB066B0B2D2D3790EAD
C:\WINDOWS\system32\Drivers\KSecDD.sys EB7FFE87FD367EA8FCA0506F74A87FBB
C:\WINDOWS\system32\drivers\mbamchameleon.sys DC7E770CD68E91FB65B2D841741F43F6
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys 6FC6F9D7ACC36DCA9B914565A3AEDA05
C:\WINDOWS\System32\DRIVERS\mouclass.sys 34E1F0031153E491910E12551400192C
C:\WINDOWS\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685
C:\WINDOWS\system32\Drivers\MountMgr.sys 65653F3B4477F3C63E68A9659F85EE2E
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 46EDCC8F2DB2F322C24F48785CB46366
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 1FD607FC67F7F7C633C3DA65BFC53D18
C:\WINDOWS\system32\Drivers\Msfs.sys 561B3A4333CA2DBDBA28B5B956822519
C:\WINDOWS\System32\drivers\MSKSSRV.sys AE431A8DD3C1D0D0610CDBAC16057AD0
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 13E75FEF9DFEB08EEDED9D0246E1F448
C:\WINDOWS\System32\drivers\MSPQM.sys 1988A33FF19242576C3D0EF9CE785DA7
C:\WINDOWS\System32\DRIVERS\mssmbios.sys 469541F8BFD2B32659D5D463A6714BCE
C:\WINDOWS\System32\drivers\MSTEE.sys BF13612142995096AB084F2DB7F40F77
C:\WINDOWS\system32\Drivers\Mup.sys 82035E0F41C2DD05AE41D27FE6CF7DE1
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5C8DC6429C43DC6177C1FA5B76290D1A
C:\WINDOWS\system32\Drivers\NDIS.sys 558635D3AF1C7546D26067D5D9B6959E
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 520CE427A8B298F54112857BCF6BDE15
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 08D43BBDACDF23F34D79E44ED35C1B4C
C:\WINDOWS\System32\DRIVERS\ndisuio.sys 34D6CD56409DA9A7ED573E1C90A308BF
C:\WINDOWS\System32\DRIVERS\ndiswan.sys 0B90E255A9490166AB368CD55A529893
C:\WINDOWS\system32\Drivers\NDProxy.sys 59FC3FB44D2669BC144FD87826BB571F
C:\WINDOWS\System32\DRIVERS\netbios.sys 3A2ACA8FC1D7786902CA434998D7CEB4
C:\WINDOWS\System32\DRIVERS\netbt.sys 0C80E410CD2F47134407EE7DD19CC86B
C:\WINDOWS\system32\Drivers\Npfs.sys 4F601BCB8F64EA3AC0994F98FED03F8E
C:\WINDOWS\system32\Drivers\Ntfs.sys B78BE402C3F63DD55521F73876951CDD
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 8E72E452B9CC1E455D19E3C9FA964D37
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\parport.sys 29744EB4CE659DFE3B4122DEB45BC478
C:\WINDOWS\system32\Drivers\PartMgr.sys 3334430C29DC338092F79C38EF7B4CD0
C:\WINDOWS\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\WINDOWS\System32\DRIVERS\pci.sys 8086D9979234B603AD5BC2F5D890B234
C:\WINDOWS\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0
C:\WINDOWS\system32\Drivers\Pcmcia.sys 82A087207DECEC8456FBE8537947D579
C:\WINDOWS\System32\DRIVERS\raspptp.sys 1C5CC65AAC0783C344F16353E60B72AC
C:\WINDOWS\System32\DRIVERS\psched.sys 48671F327553DCF1D27F6197F622A668
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 98FAEB4A4DCF812BA1C6FCA4AA3E115C
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 7306EEED8895454CBED4669BE9F79FAA
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 29D66245ADBA878FFF574CD66ABD2884
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys A2CAE2C60BC37E0751EF9DDA7CEAF4AD
C:\WINDOWS\system32\Drivers\RDPWD.sys D4F5643D7714EF499AE9527FDCD50894
C:\WINDOWS\System32\DRIVERS\redbook.sys B31B4588E4086D8D84ADBF9845C2402B
C:\WINDOWS\System32\DRIVERS\secdrv.sys D26E26EA516450AF9D072635C60387F4
C:\WINDOWS\System32\DRIVERS\serenum.sys A2D868AEEFF612E70E213C451A70CAFB
C:\WINDOWS\System32\DRIVERS\serial.sys CD9404D115A00D249F70A371B46D5A26
C:\WINDOWS\system32\Drivers\Sfloppy.sys 0D13B6DF6E9E101013A7AFB0CE629FE0
C:\WINDOWS\System32\DRIVERS\SLIP.sys 5CAEED86821FA2C6139E32E9E05CCDC9
C:\WINDOWS\System32\drivers\splitter.sys 8E186B8F23295D1E42C573B82B80D548
C:\WINDOWS\System32\Drivers\sptd.sys CBEAEA2729985BFB260641AB424E0166
C:\WINDOWS\System32\DRIVERS\sr.sys E41B6D037D6CD08461470AF04500DC24
C:\WINDOWS\System32\DRIVERS\srv.sys 20B7E396720353E4117D64D9DCB926CA
C:\WINDOWS\System32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 284C57DF5DC7ABCA656BC2B96A667AFB
C:\WINDOWS\System32\DRIVERS\swenum.sys 03C1BAE4766E2450219D20B993D6E046
C:\WINDOWS\System32\drivers\swmidi.sys 94ABC808FC4B6D7D2BBF42B85E25BB4D
C:\WINDOWS\System32\drivers\sysaudio.sys 650AD082D46BAC0E64C9C0E0928492FD
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9F4B36614A0FC234525BA224957DE55C
C:\WINDOWS\System32\DRIVERS\tcpip6.sys 4D58BB1AE8841AAFD8790AD7E1E3B8EA
C:\WINDOWS\system32\Drivers\TDPIPE.sys 38D437CF2D98965F239B0ABCD66DCB0F
C:\WINDOWS\system32\Drivers\TDTCP.sys ED0580AF02502D00AD8C4C066B156BE9
C:\WINDOWS\System32\DRIVERS\termdd.sys A540A99C281D933F3D69D55E48727F47
C:\WINDOWS\System32\DRIVERS\tunmp.sys 87A0E9E18C10A9E454238E3330E2A26D
C:\WINDOWS\system32\Drivers\Udfs.sys 12F70256F140CD7D52C58C7048FDE657
C:\WINDOWS\System32\DRIVERS\update.sys AFF2E5045961BBC0A602BB6F95EB1345
C:\WINDOWS\System32\DRIVERS\usbccgp.sys BFFD9F120CC63BCBAA3D840F3EEF9F79
C:\WINDOWS\System32\DRIVERS\usbehci.sys 15E993BA2F6946B2BFBBFCD30398621E
C:\WINDOWS\System32\DRIVERS\usbhub.sys C72F40947F92CEA56A8FB532EDF025F1
C:\WINDOWS\System32\DRIVERS\usbprint.sys A42369B7CD8886CD7C70F33DA6FCBCF5
C:\WINDOWS\System32\DRIVERS\usbscan.sys A6BC71402F4F7DD5B77FD7F4A8DDBA85
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS 6CD7B22193718F1D17A47A1CD6D37E75
C:\WINDOWS\System32\DRIVERS\usbuhci.sys F8FD1400092E23C8F2F31406EF06167B
C:\WINDOWS\System32\Drivers\usbvideo.sys 8968FF3973A883C49E8B564200F565B9
C:\WINDOWS\System32\drivers\vga.sys 8A60EDD72B4EA5AEA8202DAF0E427925
C:\WINDOWS\System32\drivers\viahduaa.sys 029E0B9574D872582B4ADFB69EE82F0E
C:\WINDOWS\system32\Drivers\VolSnap.sys EE4660083DEBA849FF6C485D944B379B
C:\WINDOWS\System32\DRIVERS\wanarp.sys 984EF0B9788ABF89974CFED4BFBAACBC
C:\WINDOWS\System32\Drivers\wdf01000.sys 4769596D7CC0F5FA447D2BABC239672A
C:\WINDOWS\System32\drivers\wdmaud.sys 2797F33EBF50466020C430EE4F037933
C:\WINDOWS\System32\DRIVERS\3GDatausbser.sys CCAEC5175F1EBC6EB0DBD607EEA791C1
C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS D5842484F05E12121C511AA93F6439EC
C:\WINDOWS\system32\Drivers\a2ewum2x.sys
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-24 19:29 - 2014-06-24 19:30 - 00000000 ____D () C:\FRST
2014-06-24 19:28 - 2014-06-24 19:28 - 00000586 _____ () C:\Documents and Settings\dd\Desktop\JRT.txt
2014-06-24 19:15 - 2014-06-24 19:28 - 00000000 ____D () C:\AdwCleaner
2014-06-22 22:39 - 2014-06-22 22:39 - 00000691 _____ () C:\Documents and Settings\dd\Desktop\CE100 Dialer.lnk
2014-06-22 22:39 - 2014-06-22 22:39 - 00000000 ____D () C:\Program Files\CE100 Dialer
2014-06-22 22:39 - 2014-06-22 22:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CE100 Dialer
2014-06-22 22:39 - 2009-04-07 18:07 - 00102656 _____ (QUALCOMM Incorporated) C:\WINDOWS\system32\Drivers\3GDatausbser.sys
2014-06-19 11:59 - 2014-06-19 11:59 - 00001880 _____ () C:\WINDOWS\bitssetup.log
2014-06-16 13:17 - 2014-06-16 13:17 - 00000000 ____H () C:\Documents and Settings\dd\My Documents\Default.rdp
2014-06-16 12:21 - 2014-06-16 12:21 - 00026624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-06-16 12:21 - 2014-06-16 12:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-06-15 23:04 - 2014-06-15 23:04 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-15 22:37 - 2014-06-15 22:38 - 00000000 ____D () C:\Extra.story.of.Lunatic.Princess
2014-06-15 10:38 - 2014-06-15 10:38 - 00010207 _____ () C:\Documents and Settings\dd\Desktop\WMIC COMMAND.txt
2014-06-15 10:38 - 2014-06-15 10:38 - 00000000 _____ () C:\Documents and Settings\dd\Desktop\New Text Document.txt
2014-06-15 10:24 - 2014-06-15 10:24 - 00010673 _____ () C:\Documents and Settings\dd\Desktop\cmd command.txt
2014-06-14 23:00 - 2014-06-14 23:00 - 00000000 ____D () C:\Program Files\ESET
2014-06-14 13:48 - 2014-06-14 14:51 - 00000000 ____D () C:\Program Files\Hit Malware
2014-06-13 21:51 - 2014-06-13 21:51 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-12 00:40 - 2014-06-12 00:40 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Hotspot Shield
2014-06-11 20:54 - 2014-06-11 20:54 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-06-11 20:54 - 2014-06-11 20:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-06-11 19:51 - 2014-06-11 20:54 - 00000000 ____D () C:\Program Files\Google
2014-06-09 13:30 - 2014-06-09 13:30 - 00000767 _____ () C:\Documents and Settings\dd\Start Menu\Programs\Internet Explorer.lnk
2014-06-04 14:08 - 2014-06-04 14:08 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 22:36 - 2014-06-02 22:36 - 00001257 _____ () C:\Documents and Settings\dd\Desktop\plastic smile canvas.txt
2014-06-02 22:28 - 2014-06-02 22:28 - 00001196 _____ () C:\Documents and Settings\dd\Desktop\kimi ni gohoushi.txt
==================== One Month Modified Files and Folders =======
2014-06-24 19:30 - 2014-06-24 19:29 - 00000000 ____D () C:\FRST
2014-06-24 19:30 - 2011-01-22 20:39 - 00000000 ____D () C:\Documents and Settings\dd\Local Settings\Temp
2014-06-24 19:28 - 2014-06-24 19:28 - 00000586 _____ () C:\Documents and Settings\dd\Desktop\JRT.txt
2014-06-24 19:28 - 2014-06-24 19:15 - 00000000 ____D () C:\AdwCleaner
2014-06-24 19:25 - 2011-01-22 20:34 - 00320595 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-24 19:20 - 2013-10-08 21:03 - 00182844 _____ () C:\WINDOWS\system32\nvapps.xml
2014-06-24 19:20 - 2012-05-08 20:46 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-06-24 19:20 - 2012-05-08 20:46 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-06-24 19:20 - 2011-01-22 20:39 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-24 19:19 - 2011-01-22 20:39 - 00032468 _____ () C:\WINDOWS\SchedLgU.Txt
2014-06-24 19:19 - 2011-01-22 20:39 - 00000178 ___SH () C:\Documents and Settings\dd\ntuser.ini
2014-06-23 00:29 - 2011-01-23 03:18 - 00000000 ____D () C:\WINDOWS\security
2014-06-23 00:20 - 2014-04-07 12:33 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-22 22:41 - 2012-03-17 06:05 - 01272963 _____ () C:\WINDOWS\setupapi.log
2014-06-22 22:41 - 2011-01-22 20:46 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-06-22 22:39 - 2014-06-22 22:39 - 00000691 _____ () C:\Documents and Settings\dd\Desktop\CE100 Dialer.lnk
2014-06-22 22:39 - 2014-06-22 22:39 - 00000000 ____D () C:\Program Files\CE100 Dialer
2014-06-22 22:39 - 2014-06-22 22:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CE100 Dialer
2014-06-21 23:19 - 2011-01-22 20:39 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini
2014-06-21 23:19 - 2011-01-22 20:38 - 00000178 ___SH () C:\Documents and Settings\NetworkService\ntuser.ini
2014-06-20 22:45 - 2011-01-24 14:43 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-06-20 22:44 - 2011-01-22 20:31 - 00000000 ____D () C:\WINDOWS\Registration
2014-06-19 23:01 - 2013-10-03 19:42 - 00055380 _____ () C:\Documents and Settings\dd\Desktop\OTL.Txt
2014-06-19 12:53 - 2011-01-23 03:23 - 00000211 ___SH () C:\boot.ini
2014-06-19 12:53 - 2001-08-23 19:00 - 00000827 _____ () C:\WINDOWS\system.ini
2014-06-19 12:53 - 2001-08-23 19:00 - 00000495 _____ () C:\WINDOWS\win.ini
2014-06-19 12:49 - 2011-01-28 18:29 - 00000000 ____D () C:\WINDOWS\pss
2014-06-19 12:49 - 2011-01-22 20:32 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-06-19 11:59 - 2014-06-19 11:59 - 00001880 _____ () C:\WINDOWS\bitssetup.log
2014-06-17 00:26 - 2011-01-22 20:34 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2014-06-16 13:17 - 2014-06-16 13:17 - 00000000 ____H () C:\Documents and Settings\dd\My Documents\Default.rdp
2014-06-16 13:17 - 2011-01-23 03:25 - 00508956 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-16 12:21 - 2014-06-16 12:21 - 00026624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-06-16 12:21 - 2014-06-16 12:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-06-16 00:26 - 2014-04-02 21:27 - 00000091 _____ () C:\Documents and Settings\dd\Desktop\anime hrs ntn.txt
2014-06-15 23:04 - 2014-06-15 23:04 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-06-15 23:04 - 2011-02-15 11:52 - 00320120 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-15 22:38 - 2014-06-15 22:37 - 00000000 ____D () C:\Extra.story.of.Lunatic.Princess
2014-06-15 10:38 - 2014-06-15 10:38 - 00010207 _____ () C:\Documents and Settings\dd\Desktop\WMIC COMMAND.txt
2014-06-15 10:38 - 2014-06-15 10:38 - 00000000 _____ () C:\Documents and Settings\dd\Desktop\New Text Document.txt
2014-06-15 10:24 - 2014-06-15 10:24 - 00010673 _____ () C:\Documents and Settings\dd\Desktop\cmd command.txt
2014-06-14 23:00 - 2014-06-14 23:00 - 00000000 ____D () C:\Program Files\ESET
2014-06-14 22:17 - 2014-04-07 12:44 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-14 14:51 - 2014-06-14 13:48 - 00000000 ____D () C:\Program Files\Hit Malware
2014-06-14 13:29 - 2013-10-04 22:41 - 00000000 ____D () C:\Documents and Settings\dd\Application Data\IObit
2014-06-13 21:51 - 2014-06-13 21:51 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-13 21:35 - 2013-04-08 21:18 - 00004267 _____ () C:\WINDOWS\netfxocm.log
2014-06-13 21:35 - 2013-04-08 21:18 - 00001863 _____ () C:\WINDOWS\MedCtrOC.log
2014-06-13 21:35 - 2013-04-08 21:18 - 00001280 _____ () C:\WINDOWS\ocmsn.log
2014-06-13 21:35 - 2013-04-08 21:18 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00019940 _____ () C:\WINDOWS\iis6.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00019763 _____ () C:\WINDOWS\FaxSetup.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00014468 _____ () C:\WINDOWS\ocgen.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00012003 _____ () C:\WINDOWS\tsoc.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00007076 _____ () C:\WINDOWS\comsetup.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00005616 _____ () C:\WINDOWS\msmqinst.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00004867 _____ () C:\WINDOWS\ntdtcsetup.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00001917 _____ () C:\WINDOWS\imsins.log
2014-06-13 21:35 - 2013-04-08 21:17 - 00001267 _____ () C:\WINDOWS\msgsocm.log
2014-06-13 00:04 - 2012-08-07 12:48 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-06-13 00:04 - 2012-08-07 12:48 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-06-12 00:41 - 2011-01-22 20:38 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-06-12 00:40 - 2014-06-12 00:40 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Hotspot Shield
2014-06-11 21:26 - 2011-09-10 20:34 - 00000000 ____D () C:\Documents and Settings\dd\Local Settings\Application Data\Google
2014-06-11 20:54 - 2014-06-11 20:54 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-06-11 20:54 - 2014-06-11 20:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-06-11 20:54 - 2014-06-11 19:51 - 00000000 ____D () C:\Program Files\Google
2014-06-11 19:10 - 2011-01-23 03:18 - 00000000 ____D () C:\WINDOWS\Driver Cache
2014-06-10 20:19 - 2012-02-18 21:10 - 00000000 ____D () C:\Documents and Settings\dd\Application Data\Skype
2014-06-10 20:14 - 2013-10-06 20:22 - 00002265 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-06-09 13:30 - 2014-06-09 13:30 - 00000767 _____ () C:\Documents and Settings\dd\Start Menu\Programs\Internet Explorer.lnk
2014-06-04 14:08 - 2014-06-04 14:08 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 14:08 - 2014-04-07 12:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-04 14:08 - 2014-04-07 12:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 22:36 - 2014-06-02 22:36 - 00001257 _____ () C:\Documents and Settings\dd\Desktop\plastic smile canvas.txt
2014-06-02 22:28 - 2014-06-02 22:28 - 00001196 _____ () C:\Documents and Settings\dd\Desktop\kimi ni gohoushi.txt
2014-06-02 20:31 - 2011-01-23 03:18 - 00000000 ____D () C:\WINDOWS\Provisioning
2014-05-30 23:13 - 2014-02-12 22:03 - 00000109 _____ () C:\Documents and Settings\dd\Desktop\web game android.txt
2014-05-25 20:40 - 2001-08-23 19:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
Files to move or delete:
====================
C:\Documents and Settings\dd\jagex_cl_runescape_LIVE.dat
C:\Documents and Settings\dd\random.dat
Some content of TEMP:
====================
C:\Documents and Settings\dd\Local Settings\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================