
hard to fix-please help



#1
stea

I got some infections over a week ago now and am still having problems.
It would be great if someone could help me out and have a look over my log files.
I had quite a few trojans, some called bagle. I got various symptoms: very slow, deactivated Windows Defender, and got the blue screen about 4 times while running various anti-virus programmes, and disconnected my wireless connection.

I have managed to get rid of most of them but it is still running very slow and I can't connect to wireless, which means I am having lots of trouble with my work.

Here are my log files:

mbam log:
Malwarebytes' Anti-Malware 1.41
Database version: 2927
Windows 6.0.6001 Service Pack 1

09/10/2009 03:47:51
mbam-log-2009-10-09 (03-47-51).txt

Scan type: Quick Scan
Objects scanned: 85271
Time elapsed: 5 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


OTL log:
OTL logfile created on: 08/10/2009 03:30:46 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Users\STE\Documents\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.38 Gb Available Physical Memory | 19.08% Memory free
4.00 Gb Paging File | 3.10 Gb Available in Paging File | 77.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68.77 Gb Total Space | 0.47 Gb Free Space | 0.68% Space Free | Partition Type: NTFS
Drive D: | 68.56 Gb Total Space | 22.54 Gb Free Space | 32.87% Space Free | Partition Type: NTFS
Drive E: | 7.37 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STE-PC
Current User Name: STE
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/07/20 14:59:24 | 00,057,344 | R--- | M] (iS3, Inc.) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2009/09/29 04:11:26 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Malware\a2service.exe
PRC - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2008/03/05 14:15:24 | 00,497,712 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2009/05/14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2008/06/10 17:40:06 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/07/13 00:36:12 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
PRC - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/09/30 13:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2003/12/04 17:21:00 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2007/01/30 06:23:52 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2008/01/21 03:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/10/07 12:05:14 | 00,157,120 | R--- | M] (iS3, Inc.) -- C:\Program Files\STOPzilla!\STOPzilla.exe
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/10/07 12:05:16 | 00,456,128 | R--- | M] (iS3, Inc.) -- C:\Program Files\STOPzilla!\SZOptions.exe
PRC - [2007/09/07 04:35:10 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2009/05/14 15:47:08 | 02,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2007/09/07 04:56:32 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009/06/12 18:14:48 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/07 12:05:12 | 00,234,944 | R--- | M] (iS3, Inc.) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZScanner.exe
PRC - [2009/10/08 03:27:33 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\STE\Documents\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/09/29 04:11:26 | 01,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Malware\a2service.exe -- (a2AntiMalware [Auto | Running])
SRV - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
SRV - [2009/06/25 16:04:32 | 00,176,128 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3 [On_Demand | Stopped])
SRV - [2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/03/05 14:15:24 | 00,497,712 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/05/14 15:54:22 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2009/05/14 15:47:54 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
SRV - [2008/06/10 17:40:06 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
SRV - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
SRV - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
SRV - [2008/01/21 03:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/03/24 14:43:13 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007/07/13 00:36:12 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2009/08/07 11:54:44 | 00,330,200 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV [Auto | Stopped])
SRV - File not found -- -- (McShield [Unknown | Stopped])
SRV - File not found -- -- (McSysmon [On_Demand | Stopped])
SRV - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2008/09/30 13:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running])
SRV - [2009/07/13 20:28:18 | 00,323,584 | ---- | M] (S.C. BitDefender S.R.L) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan [On_Demand | Stopped])
SRV - [2009/09/20 05:20:47 | 00,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2009/07/20 14:59:24 | 00,057,344 | R--- | M] (iS3, Inc.) -- C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver [Auto | Running])
SRV - [2003/12/04 17:21:00 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2007/03/29 05:42:42 | 00,029,704 | ---- | M] (TuneUp Software GmbH) -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Running])
SRV - File not found -- -- (VSSERV [Auto | Stopped])
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Disabled | Stopped])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
SRV - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2007/01/30 06:23:52 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2008/01/21 03:23:23 | 00,045,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
DRV - [2008/08/14 08:57:42 | 00,074,720 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\drivers\adfs.sys -- (adfs [Auto | Running])
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2007/04/27 17:56:00 | 00,705,024 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\DRIVERS\athr.sys -- (athr [On_Demand | Running])
DRV - [2008/01/21 03:23:20 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
DRV - [2007/07/22 08:00:44 | 00,180,736 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Running])
DRV - [2009/06/29 14:12:38 | 00,152,328 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\DRIVERS\bdfm.sys -- (BDFM [On_Demand | Stopped])
DRV - [2009/07/24 12:26:08 | 00,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr [Boot | Running])
DRV - [2009/08/06 16:34:34 | 00,118,536 | ---- | M] (BitDefender LLC) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif [System | Running])
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 14:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2006/11/02 14:27:36 | 00,020,112 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO [System | Running])
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2009/05/14 15:41:10 | 00,114,472 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])
DRV - [2009/05/14 15:47:14 | 00,107,256 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running])
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2007/03/07 09:26:50 | 00,032,256 | ---- | M] (ENE TECHNOLOGY INC.) -- C:\Windows\System32\DRIVERS\enecir.sys -- (enecir [On_Demand | Running])
DRV - [2009/05/14 15:49:34 | 00,093,312 | ---- | M] (ESET) -- C:\Windows\System32\DRIVERS\epfwwfpr.sys -- (epfwwfpr [Auto | Running])
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 03:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2007/04/26 10:19:26 | 00,984,064 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2007/04/26 10:18:04 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2007/07/13 00:35:02 | 00,305,176 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/01/22 15:21:38 | 02,016,256 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/07/03 18:05:20 | 00,015,392 | ---- | M] (Acer, Inc.) -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
DRV - [2007/09/05 10:36:26 | 01,953,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2008/07/08 14:54:02 | 00,148,496 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\08193271.sys -- (is-NHR3Mdrv [System | Running])
DRV - [2008/07/08 14:54:02 | 00,148,496 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\82001760.sys -- (is-QRMGIdrv [System | Running])
DRV - [2008/07/08 14:54:02 | 00,148,496 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\DRIVERS\57724115.sys -- (is-VAPCKdrv [System | Running])
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2006/06/19 07:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
DRV - [2008/01/21 03:23:20 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])
DRV - [2007/12/29 20:05:26 | 02,252,800 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Stopped])
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/09/15 08:56:24 | 00,017,664 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2008/09/15 08:56:24 | 00,022,016 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2008/03/18 14:21:52 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/08/26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\Windows\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])
DRV - [2009/05/07 04:22:06 | 00,014,720 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos [On_Demand | Stopped])
DRV - [2008/01/03 12:07:24 | 00,018,480 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/01/03 12:07:24 | 00,016,432 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/01/03 12:07:26 | 00,059,952 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2008/02/06 03:00:00 | 00,044,608 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2007/08/09 04:42:08 | 00,045,568 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/07/30 18:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/07/30 19:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2009/09/15 11:42:46 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Running])
DRV - [2009/09/15 11:42:48 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/09/15 11:42:44 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Running])
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2007/09/07 04:56:38 | 00,192,816 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2009/05/12 14:13:12 | 00,061,328 | R--- | M] (iS3 Inc.) -- C:\Windows\system32\DRIVERS\szkg.sys -- (szkg5 [Boot | Running])
DRV - [2009/05/07 04:22:06 | 00,039,808 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos [On_Demand | Stopped])
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/09/15 08:56:24 | 00,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])
DRV - [2008/01/21 03:23:27 | 00,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])
DRV - [2008/09/15 08:56:34 | 00,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2007/04/26 10:17:54 | 00,660,480 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2007/01/30 06:23:30 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2008/01/05 01:15:08 | 00,041,456 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...en&sa=N&tab=lw"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.4


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/03/21 19:35:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/01 22:40:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/26 14:57:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/20 09:37:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009/02/15 01:15:32 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Extensions
[2008/11/20 19:22:26 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/02/15 01:15:32 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Extensions\[email protected]
[2009/09/22 00:45:35 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions
[2009/02/09 03:14:34 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/09/19 15:22:23 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2009/02/09 12:08:30 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/09/19 03:34:31 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/09/22 00:45:35 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions\[email protected]
[2009/02/09 03:13:38 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions\[email protected]
[2009/09/22 00:45:35 | 00,000,000 | ---D | M] -- C:\Users\STE\AppData\Roaming\mozilla\Firefox\Profiles\t9ymalu6.default\extensions\staged-xpis
[2009/09/22 00:44:59 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/19 03:33:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/11/22 15:04:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009/01/10 02:10:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/09/14 16:03:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/06/12 18:14:48 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/06/12 18:14:48 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/08/07 10:38:10 | 00,044,544 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2009/08/09 22:14:12 | 00,049,152 | ---- | M] () -- C:\Program Files\mozilla firefox\components\SuperSearchXPCOM.dll
[2007/04/10 18:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/07/31 15:23:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/06/12 18:14:48 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2007/03/22 20:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2008/10/14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/01/05 21:04:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/01/05 21:04:04 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/01/05 21:04:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/01/05 21:04:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/01/05 21:04:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/01/05 21:04:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/01/05 21:04:05 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/09/15 12:52:06 | 00,376,832 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2009/09/19 03:33:32 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2009/09/19 03:33:32 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/09/19 03:33:32 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2009/09/19 03:33:32 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/09/19 03:33:32 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2009/09/19 03:33:32 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/09/18 01:11:18 | 00,002,664 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SiteVacuum.xml
[2009/09/19 03:33:32 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/09/19 03:33:32 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: (42 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ZILLAbar Browser Helper Object) - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll (iS3, Inc)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (STOPzilla) - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll (iS3, Inc)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/10/02 02:09:39 | 00,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2009/09/18 01:11:03 | 00,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2009/09/26 05:40:46 | 00,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2009/09/17 22:30:21 | 00,000,000 | ---D | C] -- C:\ProgramData\eMule
[2009/09/28 19:00:36 | 00,000,000 | ---D | C] -- C:\ProgramData\is-DTI16
[2009/09/21 02:18:15 | 00,000,000 | ---D | C] -- C:\ProgramData\is-JELEG
[2009/09/28 05:10:17 | 00,000,000 | ---D | C] -- C:\ProgramData\is-NHR3M
[2009/09/23 01:38:27 | 00,000,000 | ---D | C] -- C:\ProgramData\is-O8FD6
[2009/09/20 13:37:28 | 00,000,000 | ---D | C] -- C:\ProgramData\is-QRMGI
[2009/09/28 19:13:46 | 00,000,000 | ---D | C] -- C:\ProgramData\is-VAPCK
[2009/10/07 20:49:33 | 00,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2009/10/08 02:18:17 | 00,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2009/09/26 02:53:36 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/08 02:16:35 | 00,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2009/09/20 19:06:07 | 00,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2009/09/22 01:36:39 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/09/26 15:31:25 | 00,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/09/18 01:11:01 | 00,000,000 | ---D | C] -- C:\Users\STE\AppData\Roaming\Babylon
[2009/09/26 05:42:22 | 00,000,000 | ---D | C] -- C:\Users\STE\AppData\Roaming\BitDefender
[2009/10/02 02:09:36 | 00,000,000 | ---D | C] -- C:\Users\STE\AppData\Roaming\InstallShield
[2009/09/20 19:06:12 | 00,000,000 | ---D | C] -- C:\Users\STE\AppData\Roaming\Sunbelt
[2009/09/22 01:36:14 | 00,000,000 | ---D | C] -- C:\Users\STE\AppData\Roaming\SUPERAntiSpyware.com
[2009/09/17 22:28:39 | 00,000,000 | ---D | C] -- C:\Users\STE\AppData\Local\eMule
[2009/10/02 01:46:09 | 00,000,000 | ---D | C] -- C:\Users\STE\AppData\Local\temp
[2009/09/26 05:37:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
[2009/10/08 02:16:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2009/09/29 04:01:37 | 00,000,000 | ---D | C] -- C:\Program Files\a-squared Anti-Malware
[2009/10/02 02:14:24 | 00,000,000 | ---D | C] -- C:\Program Files\Atheros
[2009/10/08 02:47:20 | 00,000,000 | ---D | C] -- C:\Program Files\Bazooka Scanner
[2009/09/20 01:53:29 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/09/26 02:53:36 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/10/08 02:16:37 | 00,000,000 | ---D | C] -- C:\Program Files\STOPzilla!
[2009/09/20 19:05:57 | 00,000,000 | ---D | C] -- C:\Program Files\Sunbelt Software
[2009/09/22 01:36:14 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/09/20 19:03:54 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/09/19 17:08:05 | 00,000,000 | ---D | C] -- C:\Program Files\TrojanHunter 5.2
[2009/10/08 03:27:11 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Users\STE\Documents\Desktop\OTL.exe
[2009/10/08 02:06:41 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/10/07 04:30:27 | 00,705,024 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2009/10/07 04:30:27 | 00,705,024 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2009/10/06 15:42:46 | 00,000,000 | ---D | C] -- C:\SDFix
[2009/10/06 02:29:58 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2009/10/03 03:04:17 | 00,119,808 | ---- | C] (Atribune.org) -- C:\Users\STE\Documents\Desktop\VundoFix.exe
[2009/10/02 02:14:24 | 00,000,000 | ---D | C] -- C:\Windows\Options
[2009/10/02 01:46:09 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2009/10/02 01:41:54 | 00,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2009/10/02 01:06:31 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009/10/02 01:06:29 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/10/02 01:06:29 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009/10/02 01:06:29 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009/10/02 01:06:20 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/02 01:03:19 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/10/01 05:04:28 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2009/09/29 04:01:37 | 00,000,000 | ---D | C] -- C:\Users\STE\Documents\a-squared
[2009/09/28 19:13:10 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\57724115.sys
[2009/09/28 19:13:09 | 00,000,000 | ---D | C] -- C:\Users\STE\Documents\Desktop\Virus Removal Tool1
[2009/09/28 05:09:42 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\08193271.sys
[2009/09/28 05:09:41 | 00,000,000 | ---D | C] -- C:\Users\STE\Documents\Desktop\Virus Removal Tool
[2009/09/26 05:36:49 | 00,066,048 | ---- | C] (SOFTWIN) -- C:\Users\STE\Documents\Desktop\antibagle-en.exe
[2009/09/20 13:37:14 | 00,148,496 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\82001760.sys
[2009/09/20 00:38:58 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/09/19 16:59:49 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/09/19 16:58:45 | 00,000,000 | ---D | C] -- C:\Users\STE\Documents\Simply Super Software
[2009/09/15 00:51:11 | 00,000,000 | ---D | C] -- C:\Users\STE\Documents\new_cinema_home_date.aspx_files
[2009/09/14 16:03:27 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/09/14 16:03:27 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/09/14 16:03:27 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/09/09 12:02:50 | 00,897,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
[2009/09/09 12:02:50 | 00,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2009/09/09 12:02:50 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2009/09/09 12:02:50 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2009/09/09 12:02:50 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2009/09/09 12:02:50 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2009/09/09 12:02:50 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2009/09/09 12:02:50 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TCPSVCS.EXE
[2009/09/09 12:02:50 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2009/09/09 12:02:49 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2009/09/09 12:02:38 | 00,513,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansvc.dll
[2009/09/09 12:02:38 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2009/09/09 12:02:38 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2009/09/09 12:02:38 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2009/09/09 12:02:36 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2009/09/09 12:02:36 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2009/09/09 12:02:33 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

========== Files - Modified Within 30 Days ==========

[1 C:\Windows\*.tmp files]
[2009/10/08 03:34:27 | 12,308,39840 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/10/08 03:34:24 | 00,000,344 | ---- | M] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2009/10/08 03:27:33 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\STE\Documents\Desktop\OTL.exe
[2009/10/08 03:23:38 | 00,000,016 | ---- | M] () -- C:\Windows\System32\drivers\fidbox.dat.szfi
[2009/10/08 02:57:51 | 00,694,964 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/10/08 02:57:51 | 00,603,282 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/10/08 02:57:51 | 00,106,696 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/10/08 02:53:39 | 00,000,240 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2009/10/08 02:53:07 | 00,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/08 02:53:07 | 00,003,216 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/08 02:53:06 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/08 02:52:59 | 00,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2009/10/08 02:52:12 | 14,404,004 | -HS- | M] () -- C:\Windows\System32\drivers\fidbox.idx
[2009/10/08 02:50:26 | 04,306,195 | -H-- | M] () -- C:\Users\STE\AppData\Local\IconCache.db
[2009/10/08 02:49:25 | 00,000,905 | ---- | M] () -- C:\Users\STE\Documents\Desktop\Bazooka.lnk
[2009/10/08 02:19:25 | 00,000,042 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2009/10/08 01:44:38 | 00,001,097 | ---- | M] () -- C:\Users\STE\Documents\Desktop\Revo Uninstaller.lnk
[2009/10/07 02:28:20 | 01,968,899 | ---- | M] () -- C:\Users\STE\Documents\Desktop\P1011521.jpg
[2009/10/07 01:46:16 | 00,951,312 | ---- | M] () -- C:\Users\STE\Documents\Desktop\photosite graphic.psd
[2009/10/07 01:28:08 | 01,925,202 | ---- | M] () -- C:\Users\STE\Documents\Desktop\P1010146.jpg
[2009/10/07 00:28:22 | 01,819,847 | ---- | M] () -- C:\Users\STE\Documents\Desktop\FF montage.psd
[2009/10/06 23:51:37 | 00,040,947 | ---- | M] () -- C:\Users\STE\Documents\Desktop\n.jpg
[2009/10/06 21:00:37 | 01,017,884 | ---- | M] () -- C:\Users\STE\Documents\Desktop\rach6t.jpg
[2009/10/06 20:14:31 | 01,471,774 | ---- | M] () -- C:\Users\STE\Documents\Desktop\RA 6.jpg
[2009/10/06 04:12:30 | 00,000,129 | ---- | M] () -- C:\Users\STE\AppData\Roaming\default.rss
[2009/10/06 04:11:36 | 00,022,528 | ---- | M] () -- C:\Users\STE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/04 19:06:18 | 00,023,552 | ---- | M] () -- C:\Users\STE\Documents\Desktop\Hi Guys.doc
[2009/10/03 04:11:55 | 00,332,669 | ---- | M] () -- C:\Users\STE\Documents\Desktop\14B40iYtcqiudq65OBmtnwdAo1_500.gif
[2009/10/03 04:06:05 | 00,082,380 | ---- | M] () -- C:\Users\STE\Documents\Desktop\tumblr_kqsgakMKTb1qzujauo1_500.jpg
[2009/10/03 04:04:43 | 00,062,335 | ---- | M] () -- C:\Users\STE\Documents\Desktop\tumblr_kouhzuUejt1qzxj3jo1_500.jpg
[2009/10/03 04:00:43 | 00,101,901 | ---- | M] () -- C:\Users\STE\Documents\Desktop\tumblr_kqqrt0Dsue1qzujauo1_500.jpg
[2009/10/03 03:57:52 | 00,044,002 | ---- | M] () -- C:\Users\STE\Documents\Desktop\tumblr_kqqvlilf5z1qzknm8o1_500.jpg
[2009/10/03 03:57:30 | 00,230,432 | ---- | M] () -- C:\Users\STE\Documents\Desktop\tumblr_kpsgd6kzMv1qztmg3o1_500.gif
[2009/10/03 03:04:23 | 00,119,808 | ---- | M] (Atribune.org) -- C:\Users\STE\Documents\Desktop\VundoFix.exe
[2009/10/02 02:00:15 | 00,001,136 | ---- | M] () -- C:\Users\STE\Documents\Desktop\page4r.do.htm
[2009/10/02 01:42:07 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009/10/02 01:02:20 | 03,324,272 | R--- | M] () -- C:\Users\STE\Documents\Desktop\ComboFix.exe
[2009/10/02 00:56:45 | 00,049,346 | ---- | M] () -- C:\Users\STE\Documents\Desktop\how-to-use-combofix.htm
[2009/10/01 19:13:48 | 00,025,600 | ---- | M] () -- C:\Users\STE\Documents\Desktop\gasmask.doc
[2009/09/30 23:37:37 | 00,093,379 | ---- | M] () -- C:\Users\STE\Documents\Desktop\Big Eds Gas Farm 1.2.fdr
[2009/09/29 06:12:27 | 00,062,976 | ---- | M] () -- C:\Users\STE\Documents\Desktop\PHOTO SHOOTS.doc
[2009/09/29 04:02:01 | 00,000,819 | ---- | M] () -- C:\Users\Public\Desktop\a-squared Anti-Malware.lnk
[2009/09/28 05:52:26 | 00,000,000 | -H-- | M] () -- C:\Users\STE\Documents\Default.rdp
[2009/09/28 00:37:59 | 00,001,896 | ---- | M] () -- C:\Users\STE\Documents\Desktop\HijackThis.lnk
[2009/09/26 08:26:42 | 00,000,850 | ---- | M] () -- C:\Windows\System32\ProductTweaks.xml
[2009/09/26 08:19:47 | 00,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2009/09/26 05:36:50 | 00,066,048 | ---- | M] (SOFTWIN) -- C:\Users\STE\Documents\Desktop\antibagle-en.exe
[2009/09/26 02:53:47 | 00,001,065 | ---- | M] () -- C:\Users\STE\Documents\Desktop\Spybot - Search & Destroy.lnk
[2009/09/22 01:36:20 | 00,000,906 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/09/21 23:56:48 | 63,510,459 | ---- | M] () -- C:\Users\STE\Documents\Desktop\P1011204.psd
[2009/09/21 02:03:38 | 00,010,990 | ---- | M] () -- C:\Users\STE\Documents\cc_20090921_020319.reg
[2009/09/20 03:03:55 | 00,001,680 | ---- | M] () -- C:\Users\STE\Documents\Desktop\CCleaner.lnk
[2009/09/20 02:40:13 | 00,473,526 | ---- | M] () -- C:\Users\STE\Documents\divya07_3.11
[2009/09/17 21:19:50 | 00,024,064 | ---- | M] () -- C:\Users\STE\Documents\Treat em mean and keep em keen.doc
[2009/09/15 00:53:05 | 00,008,103 | ---- | M] () -- C:\Users\STE\Documents\new_cinema_home9_date.aspx
[2009/09/15 00:51:14 | 00,009,147 | ---- | M] () -- C:\Users\STE\Documents\new_cinema_home_date.aspx.htm
[2009/09/13 03:56:03 | 00,056,253 | ---- | M] () -- C:\Users\STE\Documents\Desktop\l_bddccc33dddf73a2f9e9d8fd2b8a858b.jpg

========== Files - No Company Name ==========
[2009/10/08 03:23:38 | 00,000,016 | ---- | C] () -- C:\Windows\System32\drivers\fidbox.dat.szfi
[2009/10/08 02:53:45 | 00,000,264 | ---- | C] () -- C:\Windows\System32\drivers\kgpfr2.cfg
[2009/10/08 02:53:39 | 00,000,240 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2009/10/08 02:49:25 | 00,000,905 | ---- | C] () -- C:\Users\STE\Documents\Desktop\Bazooka.lnk
[2009/10/08 01:44:38 | 00,001,097 | ---- | C] () -- C:\Users\STE\Documents\Desktop\Revo Uninstaller.lnk
[2009/10/07 20:16:53 | 04,359,137 | ---- | C] () -- C:\Users\STE\Documents\Desktop\Guide.pdf
[2009/10/07 04:30:27 | 00,076,149 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2009/10/07 02:28:14 | 01,968,899 | ---- | C] () -- C:\Users\STE\Documents\Desktop\P1011521.jpg
[2009/10/07 01:31:48 | 00,951,312 | ---- | C] () -- C:\Users\STE\Documents\Desktop\photosite graphic.psd
[2009/10/07 01:27:11 | 01,925,202 | ---- | C] () -- C:\Users\STE\Documents\Desktop\P1010146.jpg
[2009/10/06 23:51:35 | 00,040,947 | ---- | C] () -- C:\Users\STE\Documents\Desktop\n.jpg
[2009/10/06 23:19:42 | 01,819,847 | ---- | C] () -- C:\Users\STE\Documents\Desktop\FF montage.psd
[2009/10/06 21:00:31 | 01,017,884 | ---- | C] () -- C:\Users\STE\Documents\Desktop\rach6t.jpg
[2009/10/06 20:14:27 | 01,471,774 | ---- | C] () -- C:\Users\STE\Documents\Desktop\RA 6.jpg
[2009/10/03 14:54:47 | 00,023,552 | ---- | C] () -- C:\Users\STE\Documents\Desktop\Hi Guys.doc
[2009/10/03 04:11:55 | 00,332,669 | ---- | C] () -- C:\Users\STE\Documents\Desktop\14B40iYtcqiudq65OBmtnwdAo1_500.gif
[2009/10/03 04:06:04 | 00,082,380 | ---- | C] () -- C:\Users\STE\Documents\Desktop\tumblr_kqsgakMKTb1qzujauo1_500.jpg
[2009/10/03 04:04:42 | 00,062,335 | ---- | C] () -- C:\Users\STE\Documents\Desktop\tumblr_kouhzuUejt1qzxj3jo1_500.jpg
[2009/10/03 04:00:43 | 00,101,901 | ---- | C] () -- C:\Users\STE\Documents\Desktop\tumblr_kqqrt0Dsue1qzujauo1_500.jpg
[2009/10/03 03:57:52 | 00,044,002 | ---- | C] () -- C:\Users\STE\Documents\Desktop\tumblr_kqqvlilf5z1qzknm8o1_500.jpg
[2009/10/03 03:57:30 | 00,230,432 | ---- | C] () -- C:\Users\STE\Documents\Desktop\tumblr_kpsgd6kzMv1qztmg3o1_500.gif
[2009/10/02 02:14:25 | 00,030,460 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2009/10/02 02:14:25 | 00,000,008 | RHS- | C] () -- C:\Windows\System32\Desktop_.ini
[2009/10/02 02:00:09 | 00,001,136 | ---- | C] () -- C:\Users\STE\Documents\Desktop\page4r.do.htm
[2009/10/02 01:06:30 | 00,229,888 | ---- | C] () -- C:\Windows\PEV.exe
[2009/10/02 01:06:29 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2009/10/02 01:06:29 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2009/10/02 01:06:29 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/10/02 01:01:23 | 03,324,272 | R--- | C] () -- C:\Users\STE\Documents\Desktop\ComboFix.exe
[2009/10/02 00:56:43 | 00,049,346 | ---- | C] () -- C:\Users\STE\Documents\Desktop\how-to-use-combofix.htm
[2009/10/01 19:13:48 | 00,025,600 | ---- | C] () -- C:\Users\STE\Documents\Desktop\gasmask.doc
[2009/09/29 04:02:01 | 00,000,819 | ---- | C] () -- C:\Users\Public\Desktop\a-squared Anti-Malware.lnk
[2009/09/28 05:52:26 | 00,000,000 | -H-- | C] () -- C:\Users\STE\Documents\Default.rdp
[2009/09/28 00:37:59 | 00,001,896 | ---- | C] () -- C:\Users\STE\Documents\Desktop\HijackThis.lnk
[2009/09/26 08:24:52 | 00,000,850 | ---- | C] () -- C:\Windows\System32\ProductTweaks.xml
[2009/09/26 08:17:46 | 00,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2009/09/26 02:53:47 | 00,001,065 | ---- | C] () -- C:\Users\STE\Documents\Desktop\Spybot - Search & Destroy.lnk
[2009/09/22 01:36:20 | 00,000,906 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/09/21 23:56:44 | 63,510,459 | ---- | C] () -- C:\Users\STE\Documents\Desktop\P1011204.psd
[2009/09/21 02:03:22 | 00,010,990 | ---- | C] () -- C:\Users\STE\Documents\cc_20090921_020319.reg
[2009/09/20 18:29:30 | 14,404,004 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.idx
[2009/09/20 18:29:30 | 12,305,59264 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/09/20 02:40:07 | 00,473,526 | ---- | C] () -- C:\Users\STE\Documents\divya07_3.11
[2009/09/20 01:53:30 | 00,001,680 | ---- | C] () -- C:\Users\STE\Documents\Desktop\CCleaner.lnk
[2009/09/17 21:19:50 | 00,024,064 | ---- | C] () -- C:\Users\STE\Documents\Treat em mean and keep em keen.doc
[2009/09/15 00:53:04 | 00,008,103 | ---- | C] () -- C:\Users\STE\Documents\new_cinema_home9_date.aspx
[2009/09/15 00:51:11 | 00,009,147 | ---- | C] () -- C:\Users\STE\Documents\new_cinema_home_date.aspx.htm
[2009/09/13 03:56:02 | 00,056,253 | ---- | C] () -- C:\Users\STE\Documents\Desktop\l_bddccc33dddf73a2f9e9d8fd2b8a858b.jpg
[2009/09/09 12:02:39 | 02,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2009/02/09 02:28:37 | 04,306,195 | -H-- | C] () -- C:\Users\STE\AppData\Local\IconCache.db
[2009/01/15 13:45:34 | 00,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2009/01/05 20:45:32 | 00,020,531 | ---- | C] () -- C:\ProgramData\W77X4
[2009/01/05 15:44:10 | 00,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2008/12/23 02:32:54 | 00,022,528 | ---- | C] () -- C:\Users\STE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/29 23:42:51 | 00,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2008/11/29 23:42:51 | 00,153,088 | ---- | C] () -- C:\Windows\System32\unrar3.dll
[2008/11/29 23:42:51 | 00,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2008/11/29 23:42:51 | 00,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2008/11/27 16:33:17 | 00,000,129 | ---- | C] () -- C:\Users\STE\AppData\Roaming\default.rss
[2008/11/27 16:33:16 | 00,000,000 | ---- | C] () -- C:\Users\STE\AppData\Roaming\downloads.m3u
[2008/11/27 14:14:29 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/11/22 15:07:28 | 00,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/11/22 01:53:37 | 00,015,360 | ---- | C] () -- C:\Windows\System32\GetInst32.dll
[2008/11/22 01:53:35 | 00,000,118 | ---- | C] () -- C:\Windows\A15U.INI
[2008/11/21 23:05:11 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/21 02:14:53 | 00,000,026 | ---- | C] () -- C:\ProgramData\.119889580931711767808769176
[2008/11/21 02:08:05 | 00,000,021 | ---- | C] () -- C:\ProgramData\.311018984119889580931149468956
[2008/11/21 01:57:03 | 00,098,296 | ---- | C] () -- C:\Users\STE\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/08/11 22:42:43 | 00,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2008/08/11 22:42:39 | 00,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2008/03/18 15:50:41 | 00,001,024 | ---- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/17 19:42:34 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/03/17 19:36:06 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/03/17 19:13:52 | 00,000,775 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/03/17 18:44:13 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/03/17 18:44:13 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/03/17 18:44:12 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/03/17 18:44:12 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/03/17 18:40:14 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/29 23:00:40 | 00,203,264 | ---- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007/01/31 14:50:32 | 00,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 13:50:50 | 00,000,174 | ---- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:23:31 | 00,000,240 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 11:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/11/11 11:43:28 | 00,172,032 | ---- | C] () -- C:\Windows\System32\libssl32.dll
[2005/11/11 11:43:24 | 00,887,296 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001/12/27 00:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 07:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 00:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 06:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\STE\Documents\08122008007.mp4:TOC.WMV
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:8173A019
< End of report >

Rootrepeal log:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/09 03:52
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP1
==================================================

Drivers
-------------------
Name: 000.fcl
Image Path: C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
Address: 0xAF519000 Size: 118784 File Visible: - Signed: -
Status: -

Name: 08193271.sys
Image Path: C:\Windows\system32\DRIVERS\08193271.sys
Address: 0x8D3A1000 Size: 163840 File Visible: - Signed: -
Status: -

Name: 1394BUS.SYS
Image Path: C:\Windows\system32\DRIVERS\1394BUS.SYS
Address: 0x8CBAF000 Size: 57344 File Visible: - Signed: -
Status: -

Name: 57724115.sys
Image Path: C:\Windows\system32\DRIVERS\57724115.sys
Address: 0x8D3C9000 Size: 163840 File Visible: - Signed: -
Status: -

Name: 82001760.sys
Image Path: C:\Windows\system32\DRIVERS\82001760.sys
Address: 0x8D379000 Size: 163840 File Visible: - Signed: -
Status: -

Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x87A90000 Size: 286720 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x81E02000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: adfs.SYS
Image Path: C:\Windows\System32\Drivers\adfs.SYS
Address: 0xAB3BD000 Size: 69248 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x8DE0A000 Size: 294912 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x87CCD000 Size: 32768 File Visible: - Signed: -
Status: -

Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x87CD5000 Size: 122880 File Visible: - Signed: -
Status: -

Name: athr.sys
Image Path: C:\Windows\system32\DRIVERS\athr.sys
Address: 0x8BAEE000 Size: 724992 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\Windows\System32\ATMFD.DLL
Address: 0x95460000 Size: 311296 File Visible: - Signed: -
Status: -

Name: b57nd60x.sys
Image Path: C:\Windows\system32\DRIVERS\b57nd60x.sys
Address: 0x8CB6F000 Size: 196608 File Visible: - Signed: -
Status: -

Name: BATTC.SYS
Image Path: C:\Windows\system32\DRIVERS\BATTC.SYS
Address: 0x87B20000 Size: 40960 File Visible: - Signed: -
Status: -

Name: bdfsfltr.sys
Image Path: C:\Windows\system32\DRIVERS\bdfsfltr.sys
Address: 0x87D3F000 Size: 279040 File Visible: - Signed: -
Status: -

Name: bdftdif.sys
Image Path: C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
Address: 0x8DB9A000 Size: 111872 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x8D5EC000 Size: 28672 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x8067B000 Size: 32768 File Visible: - Signed: -
Status: -

Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0xAB28C000 Size: 102400 File Visible: - Signed: -
Status: -

Name: cdd.dll
Image Path: C:\Windows\System32\cdd.dll
Address: 0x95450000 Size: 57344 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x87DC5000 Size: 98304 File Visible: - Signed: -
Status: -

Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x806C4000 Size: 917504 File Visible: - Signed: -
Status: -

Name: circlass.sys
Image Path: C:\Windows\system32\DRIVERS\circlass.sys
Address: 0x8D280000 Size: 57344 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x8819F000 Size: 135168 File Visible: - Signed: -
Status: -

Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x80683000 Size: 266240 File Visible: - Signed: -
Status: -

Name: CmBatt.sys
Image Path: C:\Windows\system32\DRIVERS\CmBatt.sys
Address: 0x8CBFC000 Size: 14208 File Visible: - Signed: -
Status: -

Name: compbatt.sys
Image Path: C:\Windows\system32\DRIVERS\compbatt.sys
Address: 0x87B1D000 Size: 10496 File Visible: - Signed: -
Status: -

Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x8DF82000 Size: 53248 File Visible: - Signed: -
Status: -

Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x881C0000 Size: 36864 File Visible: - Signed: -
Status: -

Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x8DF30000 Size: 94208 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x8818E000 Size: 69632 File Visible: - Signed: -
Status: -

Name: DKbFltr.sys
Image Path: C:\Windows\system32\DRIVERS\DKbFltr.sys
Address: 0x8C400000 Size: 40960 File Visible: - Signed: -
Status: -

Name: DPortIO.sys
Image Path: C:\PROGRA~1\LAUNCH~1\DPortIO.sys
Address: 0x8DF22000 Size: 13184 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\Windows\system32\drivers\drmk.sys
Address: 0x8D317000 Size: 151552 File Visible: - Signed: -
Status: -

Name: dump_iaStor.sys
Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys
Address: 0x8BA00000 Size: 815104 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x8DF8F000 Size: 40960 File Visible: - Signed: -
Status: -

Name: dxgkrnl.sys
Image Path: C:\Windows\System32\drivers\dxgkrnl.sys
Address: 0x8CA59000 Size: 651264 File Visible: - Signed: -
Status: -

Name: eamon.sys
Image Path: C:\Windows\system32\DRIVERS\eamon.sys
Address: 0xA9C02000 Size: 770048 File Visible: - Signed: -
Status: -

Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x88167000 Size: 159744 File Visible: - Signed: -
Status: -

Name: ehdrv.sys
Image Path: C:\Windows\system32\DRIVERS\ehdrv.sys
Address: 0x8DA04000 Size: 118784 File Visible: - Signed: -
Status: -

Name: enecir.sys
Image Path: C:\Windows\system32\DRIVERS\enecir.sys
Address: 0x87FED000 Size: 73728 File Visible: - Signed: -
Status: -

Name: epfwwfpr.sys
Image Path: C:\Windows\system32\DRIVERS\epfwwfpr.sys
Address: 0xAB3CE000 Size: 102400 File Visible: - Signed: -
Status: -

Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x87D2F000 Size: 65536 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x87CFD000 Size: 204800 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x8D5DC000 Size: 36864 File Visible: - Signed: -
Status: -

Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x8DB69000 Size: 110592 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x821BB000 Size: 208896 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8CB5D000 Size: 73728 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDCLASS.SYS
Address: 0x8D7D5000 Size: 65536 File Visible: - Signed: -
Status: -

Name: hidir.sys
Image Path: C:\Windows\system32\DRIVERS\hidir.sys
Address: 0x8D7CA000 Size: 45056 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDPARSE.SYS
Address: 0x8D7E5000 Size: 28672 File Visible: - Signed: -
Status: -

Name: HSX_CNXT.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_CNXT.sys
Address: 0x8D708000 Size: 741376 File Visible: - Signed: -
Status: -

Name: HSX_DPV.sys
Image Path: C:\Windows\system32\DRIVERS\HSX_DPV.sys
Address: 0x8D605000 Size: 1060864 File Visible: - Signed: -
Status: -

Name: HSXHWAZL.sys
Image Path: C:\Windows\system32\DRIVERS\HSXHWAZL.sys
Address: 0x8D33C000 Size: 249856 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\Windows\system32\drivers\HTTP.sys
Address: 0xAB204000 Size: 438272 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x881D6000 Size: 77824 File Visible: - Signed: -
Status: -

Name: iaStor.sys
Image Path: C:\Windows\system32\DRIVERS\iaStor.sys
Address: 0x87C06000 Size: 815104 File Visible: - Signed: -
Status: -

Name: igdkmd32.sys
Image Path: C:\Windows\system32\DRIVERS\igdkmd32.sys
Address: 0x8C40C000 Size: 6606848 File Visible: - Signed: -
Status: -

Name: int15.sys
Image Path: C:\Acer\Empowering Technology\eRecovery\int15.sys
Address: 0xAB3E7000 Size: 28672 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: C:\Windows\system32\drivers\intelide.sys
Address: 0x87B83000 Size: 28672 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\Windows\system32\DRIVERS\intelppm.sys
Address: 0x8BADF000 Size: 61440 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8BBF1000 Size: 45056 File Visible: - Signed: -
Status: -

Name: kbdhid.sys
Image Path: C:\Windows\system32\DRIVERS\kbdhid.sys
Address: 0x8D7EC000 Size: 36864 File Visible: - Signed: -
Status: -

Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x80602000 Size: 32768 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8D256000 Size: 172032 File Visible: - Signed: -
Status: -

Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x87E0C000 Size: 462848 File Visible: - Signed: -
Status: -

Name: lltdio.sys
Image Path: C:\Windows\system32\DRIVERS\lltdio.sys
Address: 0xA9D6D000 Size: 65536 File Visible: - Signed: -
Status: -

Name: luafv.sys
Image Path: C:\Windows\system32\drivers\luafv.sys
Address: 0x8DFA8000 Size: 110592 File Visible: - Signed: -
Status: -

Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x8060A000 Size: 393216 File Visible: - Signed: -
Status: -

Name: mdmxsdk.sys
Image Path: C:\Windows\system32\DRIVERS\mdmxsdk.sys
Address: 0xAB3EE000 Size: 12672 File Visible: - Signed: -
Status: -

Name: modem.sys
Image Path: C:\Windows\system32\drivers\modem.sys
Address: 0x8D7BD000 Size: 53248 File Visible: - Signed: -
Status: -

Name: monitor.sys
Image Path: C:\Windows\system32\DRIVERS\monitor.sys
Address: 0x8DF99000 Size: 61440 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x881E9000 Size: 45056 File Visible: - Signed: -
Status: -

Name: mouhid.sys
Image Path: C:\Windows\system32\DRIVERS\mouhid.sys
Address: 0x8D7F5000 Size: 32768 File Visible: - Signed: -
Status: -

Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x87B98000 Size: 65536 File Visible: - Signed: -
Status: -

Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0xAB2A5000 Size: 86016 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\Windows\system32\drivers\mrxdav.sys
Address: 0xAB2BA000 Size: 131072 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0xAB2DA000 Size: 126976 File Visible: - Signed: -
Status: -

Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0xAB2F9000 Size: 233472 File Visible: - Signed: -
Status: -

Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0xAB332000 Size: 98304 File Visible: - Signed: -
Status: -

Name: msahci.sys
Image Path: C:\Windows\system32\drivers\msahci.sys
Address: 0x87CF3000 Size: 40960 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x8DA5E000 Size: 45056 File Visible: - Signed: -
Status: -

Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x87ADF000 Size: 32768 File Visible: - Signed: -
Status: -

Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x87BA8000 Size: 188416 File Visible: - Signed: -
Status: -

Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x87F88000 Size: 176128 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8D28E000 Size: 40960 File Visible: - Signed: -
Status: -

Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x88158000 Size: 61440 File Visible: - Signed: -
Status: -

Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x87E7D000 Size: 1093632 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x87DF4000 Size: 45056 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x87BD6000 Size: 143360 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x8D2D9000 Size: 69632 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x8DE9A000 Size: 57344 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x8DE52000 Size: 204800 File Visible: - Signed: -
Status: -

Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x87FB3000 Size: 237568 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x8DA69000 Size: 57344 File Visible: - Signed: -
Status: -

Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x8DF26000 Size: 40960 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x88008000 Size: 1110016 File Visible: - Signed: -
Status: -

Name: NTIDrvr.sys
Image Path: C:\Windows\system32\DRIVERS\NTIDrvr.sys
Address: 0x8BBFC000 Size: 6144 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x81E02000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x8D5E5000 Size: 28672 File Visible: - Signed: -
Status: -

Name: nwifi.sys
Image Path: C:\Windows\system32\DRIVERS\nwifi.sys
Address: 0xA9D7D000 Size: 172032 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: C:\Windows\system32\DRIVERS\ohci1394.sys
Address: 0x8CB9F000 Size: 61952 File Visible: - Signed: -
Status: -

Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x8DE84000 Size: 90112 File Visible: - Signed: -
Status: -

Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x87B0E000 Size: 61440 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x87AE7000 Size: 159744 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x87B8A000 Size: 57344 File Visible: - Signed: -
Status: -

Name: peauth.sys
Image Path: C:\Windows\system32\drivers\peauth.sys
Address: 0xAF40C000 Size: 909312 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x81E02000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\Windows\system32\drivers\portcls.sys
Address: 0x8D2EA000 Size: 184320 File Visible: - Signed: -
Status: -

Name: psdfilter.sys
Image Path: C:\Windows\system32\DRIVERS\psdfilter.sys
Address: 0x87D84000 Size: 36864 File Visible: - Signed: -
Status: -

Name: PSDNServ.sys
Image Path: C:\Windows\system32\DRIVERS\PSDNServ.sys
Address: 0xAF4EA000 Size: 36864 File Visible: - Signed: -
Status: -

Name: PSDVdisk.sys
Image Path: C:\Windows\system32\DRIVERS\PSDVdisk.sys
Address: 0xAF4F3000 Size: 73728 File Visible: - Signed: -
Status: -

Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x8066A000 Size: 69632 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: C:\Windows\System32\Drivers\PxHelp20.sys
Address: 0x87D8D000 Size: 37056 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x8DA77000 Size: 36864 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x87DDD000 Size: 94208 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x8D20C000 Size: 61440 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x8D21B000 Size: 81920 File Visible: - Signed: -
Status: -

Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x8D22F000 Size: 86016 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x81E02000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x8DEE6000 Size: 245760 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys
Address: 0x8DA4E000 Size: 32768 File Visible: - Signed: -
Status: -

Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x8DA56000 Size: 32768 File Visible: - Signed: -
Status: -

Name: rimmptsk.sys
Image Path: C:\Windows\system32\DRIVERS\rimmptsk.sys
Address: 0x8CBD7000 Size: 69632 File Visible: - Signed: -
Status: -

Name: rimsptsk.sys
Image Path: C:\Windows\system32\DRIVERS\rimsptsk.sys
Address: 0x8CBE8000 Size: 81920 File Visible: - Signed: -
Status: -

Name: rixdptsk.sys
Image Path: C:\Windows\system32\DRIVERS\rixdptsk.sys
Address: 0x8BB9F000 Size: 335872 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xAF53E000 Size: 49152 File Visible: No Signed: -
Status: -

Name: rspndr.sys
Image Path: C:\Windows\system32\DRIVERS\rspndr.sys
Address: 0xA9DA7000 Size: 77824 File Visible: - Signed: -
Status: -

Name: RTKVHDA.sys
Image Path: C:\Windows\system32\drivers\RTKVHDA.sys
Address: 0x8D400000 Size: 1948544 File Visible: - Signed: -
Status: -

Name: SASDIFSV.SYS
Image Path: C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Address: 0x8DEE0000 Size: 24576 File Visible: - Signed: -
Status: -

Name: SASKUTIL.sys
Image Path: C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Address: 0x8DEBB000 Size: 151552 File Visible: - Signed: -
Status: -

Name: sdbus.sys
Image Path: C:\Windows\system32\DRIVERS\sdbus.sys
Address: 0x8CBBD000 Size: 106496 File Visible: - Signed: -
Status: -

Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x8DBB6000 Size: 81920 File Visible: - Signed: -
Status: -

Name: spldr.sys
Image Path: C:\Windows\System32\Drivers\spldr.sys
Address: 0x88150000 Size: 32768 File Visible: - Signed: -
Status: -

Name: spsys.sys
Image Path: C:\Windows\system32\drivers\spsys.sys
Address: 0xA9CBE000 Size: 716800 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\Windows\System32\DRIVERS\srv.sys
Address: 0xAB371000 Size: 311296 File Visible: - Signed: -
Status: -

Name: srv2.sys
Image Path: C:\Windows\System32\DRIVERS\srv2.sys
Address: 0xAB34A000 Size: 159744 File Visible: - Signed: -
Status: -

Name: srvnet.sys
Image Path: C:\Windows\System32\DRIVERS\srvnet.sys
Address: 0xAB26F000 Size: 118784 File Visible: - Signed: -
Status: -

Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x807B2000 Size: 266240 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8D254000 Size: 4992 File Visible: - Signed: -
Status: -

Name: SynTP.sys
Image Path: C:\Windows\system32\DRIVERS\SynTP.sys
Address: 0x87D97000 Size: 186112 File Visible: - Signed: -
Status: -

Name: szkg.sys
Image Path: C:\Windows\system32\DRIVERS\szkg.sys
Address: 0x807A4000 Size: 54656 File Visible: No Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x8DA80000 Size: 954368 File Visible: - Signed: -
Status: -

Name: tcpipreg.sys
Image Path: C:\Windows\System32\drivers\tcpipreg.sys
Address: 0xAF505000 Size: 49152 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x87E00000 Size: 45056 File Visible: - Signed: -
Status: -

Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x8DB84000 Size: 90112 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x8D244000 Size: 65536 File Visible: - Signed: -
Status: -

Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x95430000 Size: 36864 File Visible: - Signed: -
Status: -

Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x8BAD6000 Size: 36864 File Visible: - Signed: -
Status: -

Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x8BACB000 Size: 45056 File Visible: - Signed: -
Status: -

Name: udfs.sys
Image Path: C:\Windows\system32\DRIVERS\udfs.sys
Address: 0x8DF47000 Size: 241664 File Visible: - Signed: -
Status: -

Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x8D298000 Size: 53248 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x8C40A000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8CB4E000 Size: 61440 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x8D2A5000 Size: 212992 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x8CB10000 Size: 253952 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys
Address: 0x8CB05000 Size: 45056 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x8DA21000 Size: 49152 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x8DA2D000 Size: 135168 File Visible: - Signed: -
Status: -

Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x87B2A000 Size: 61440 File Visible: - Signed: -
Status: -

Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x87B39000 Size: 303104 File Visible: - Signed: -
Status: -

Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x88117000 Size: 233472 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\Windows\system32\DRIVERS\wanarp.sys
Address: 0x8DEA8000 Size: 77824 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8CAF8000 Size: 53248 File Visible: - Signed: -
Status: -

Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x87A07000 Size: 507904 File Visible: - Signed: -
Status: -

Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x87A83000 Size: 53248 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0x95210000 Size: 2105344 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x95210000 Size: 2105344 File Visible: - Signed: -
Status: -

Name: wmiacpi.sys
Image Path: C:\Windows\system32\DRIVERS\wmiacpi.sys
Address: 0x881F4000 Size: 36864 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x87AD6000 Size: 36864 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x81E02000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: xaudio.sys
Image Path: C:\Windows\system32\DRIVERS\xaudio.sys
Address: 0xAF511000 Size: 32768 File Visible: - Signed: -
Status: -