Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another svchost issue


  • This topic is locked This topic is locked
3 replies to this topic

#1 Xwenn

Xwenn

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 03 March 2010 - 07:54 AM

I have a problem removing/resolving the issue related to an svchost.exe that keep taking up most of me CPU processes.

I have, so far, tracked it down to the source svchost.exe that seems to coexist with Windows Audio (I'm using realtek'95 stuff)

-----------------
Here's my current OTL report that I recently used..

---------------------------------------------------------------


OTL logfile created on: 3/3/2010 8:02:42 PM - Run 1
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\kwang\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 13.28 Gb Free Space | 22.67% Space Free | Partition Type: NTFS
Drive D: | 48.83 Gb Total Space | 10.04 Gb Free Space | 20.56% Space Free | Partition Type: NTFS
Drive E: | 41.62 Gb Total Space | 9.84 Gb Free Space | 23.63% Space Free | Partition Type: NTFS
Drive F: | 672.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 465.76 Gb Total Space | 149.37 Gb Free Space | 32.07% Space Free | Partition Type: NTFS

Computer Name: XWENN-FA117B18F
Current User Name: kwang
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (All) ==========

PRC - [2010/03/03 20:01:43 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kwang\Desktop\OTL.exe
PRC - [2010/01/11 22:17:44 | 000,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009/11/23 15:53:58 | 004,781,352 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/11/23 15:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/11/23 15:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2009/11/04 04:49:02 | 000,086,016 | ---- | M] (alch) -- C:\Program Files\ClamWin\bin\ClamTray.exe
PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/06/22 19:45:12 | 000,199,616 | ---- | M] (Vuze Inc.) -- C:\Program Files\Vuze\Azureus.exe
PRC - [2009/05/19 17:33:21 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
PRC - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/12/18 11:07:21 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/17 10:16:22 | 000,098,816 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008/09/22 16:31:08 | 000,431,472 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2008/07/28 20:06:58 | 000,079,360 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2008/03/10 00:04:52 | 000,065,536 | ---- | M] () -- E:\Autodesk\3D Max Design 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
PRC - [2008/01/03 21:54:45 | 000,486,856 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2007/12/23 07:03:28 | 000,916,240 | ---- | M] (The Eraser Project) -- C:\Program Files\Eraser\Eraser.exe
PRC - [2007/09/24 17:05:26 | 000,065,536 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe
PRC - [2007/01/17 04:07:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2007/01/17 04:05:41 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2004/08/04 07:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004/08/04 07:56:58 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPZ12]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HPDEVMGMT]
PRC - [2004/08/04 07:56:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004/08/04 07:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004/08/04 07:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004/08/04 07:56:50 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004/08/04 07:56:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004/08/04 07:56:48 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE


========== Modules (All) ==========

MOD - [2010/03/03 20:01:43 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kwang\Desktop\OTL.exe
MOD - [2007/01/17 04:07:25 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2007/01/17 04:07:17 | 000,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2007/01/17 04:07:11 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2007/01/17 04:07:10 | 000,577,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2007/01/17 04:07:00 | 008,458,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2007/01/17 04:07:00 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2007/01/17 04:06:51 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2007/01/17 04:06:47 | 000,582,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2007/01/17 04:06:39 | 001,286,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2007/01/17 04:06:20 | 002,890,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2007/01/17 04:06:13 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2007/01/17 04:05:53 | 000,985,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2007/01/17 04:05:44 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2007/01/17 04:05:33 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2007/01/17 04:05:25 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2004/08/04 07:56:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004/08/04 07:56:48 | 000,723,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004/08/04 07:56:48 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2004/08/04 07:56:48 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004/08/04 07:56:48 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004/08/04 07:56:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004/08/04 07:56:46 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004/08/04 07:56:46 | 000,250,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\SPTIP.dll
MOD - [2004/08/04 07:56:46 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004/08/04 07:56:46 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004/08/04 07:56:46 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2004/08/04 07:56:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004/08/04 07:56:46 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004/08/04 07:56:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004/08/04 07:56:44 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004/08/04 07:56:44 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004/08/04 07:56:44 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004/08/04 07:56:44 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2004/08/04 07:56:44 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2004/08/04 07:56:44 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2004/08/04 07:56:44 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2004/08/04 07:56:44 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll
MOD - [2004/08/04 07:56:44 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2004/08/04 07:56:42 | 000,792,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2004/08/04 07:56:42 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004/08/04 07:56:42 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2004/08/04 07:56:42 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004/08/04 07:56:42 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2004/08/04 07:56:38 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004/08/04 07:56:30 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ime\SPGRMR.dll
MOD - [2004/08/04 07:56:14 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004/08/04 06:56:46 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2001/08/23 20:00:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2001/02/07 02:17:02 | 000,364,607 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL


========== Win32 Services (All) ==========

SRV - File not found [Disabled | Stopped] -- -- (Habtsrvmwr)
SRV - File not found [On_Demand | Stopped] -- -- (avast! Web Scanner)
SRV - File not found [On_Demand | Stopped] -- -- (avast! Mail Scanner)
SRV - File not found [Auto | Stopped] -- -- (avast! Antivirus)
SRV - File not found [Auto | Stopped] -- -- (aswUpdSv)
SRV - [2010/02/06 18:59:18 | 000,135,664 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2010/01/11 22:17:44 | 000,154,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2009/11/23 15:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/11/23 15:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/10/13 03:24:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- L:\Gaemz\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/19 17:33:21 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/05/19 17:33:19 | 000,362,240 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 12:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2009/03/23 15:15:58 | 000,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/18 11:07:21 | 000,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008/11/12 16:44:18 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/22 16:31:08 | 000,431,472 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2008/07/29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/28 20:06:58 | 000,079,360 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008/07/25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/07/18 13:13:20 | 000,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/07/18 13:13:20 | 000,044,032 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/03/25 21:27:36 | 000,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 20:38:24 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/03/10 00:04:52 | 000,065,536 | ---- | M] () [Auto | Running] -- E:\Autodesk\3D Max Design 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe -- (mi-raysat_3dsMax2009_32)
SRV - [2007/09/24 17:05:26 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe -- (mi-raysat_3dsMax2008_32)
SRV - [2007/08/17 18:24:13 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2007/01/17 04:13:53 | 000,476,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2007/01/17 04:13:53 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2007/01/17 04:07:56 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2007/01/17 04:07:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2007/01/17 04:07:18 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2007/01/17 04:07:18 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2007/01/17 04:07:14 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Stop_Pending] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2007/01/17 04:07:06 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2007/01/17 04:07:05 | 000,249,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2007/01/17 04:07:01 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2007/01/17 04:07:00 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2007/01/17 04:06:47 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)
SRV - [2007/01/17 04:06:47 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2007/01/17 04:06:44 | 000,180,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2007/01/17 04:06:32 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2007/01/17 04:06:20 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2007/01/17 04:05:40 | 000,243,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2007/01/17 04:05:38 | 000,112,128 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2007/01/17 04:05:36 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2007/01/17 04:05:29 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2006/02/28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2005/10/06 18:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/04 07:56:58 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2004/08/04 07:56:58 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2004/08/04 07:56:58 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2004/08/04 07:56:58 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2004/08/04 07:56:58 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2004/08/04 07:56:58 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2004/08/04 07:56:56 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2004/08/04 07:56:56 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2004/08/04 07:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2004/08/04 07:56:56 | 000,108,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2004/08/04 07:56:56 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2004/08/04 07:56:54 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2004/08/04 07:56:52 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2004/08/04 07:56:52 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Remote Procedure Call (RPC)
SRV - [2004/08/04 07:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2004/08/04 07:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2004/08/04 07:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2004/08/04 07:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2004/08/04 07:56:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2004/08/04 07:56:50 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2004/08/04 07:56:50 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2004/08/04 07:56:50 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2004/08/04 07:56:48 | 000,333,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows Image Acquisition (WIA)
SRV - [2004/08/04 07:56:48 | 000,185,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2004/08/04 07:56:48 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2004/08/04 07:56:48 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2004/08/04 07:56:48 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2004/08/04 07:56:48 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2004/08/04 07:56:48 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2004/08/04 07:56:48 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2004/08/04 07:56:48 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2004/08/04 07:56:48 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2004/08/04 07:56:46 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2004/08/04 07:56:46 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Network Location Awareness (NLA)
SRV - [2004/08/04 07:56:46 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2004/08/04 07:56:46 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2004/08/04 07:56:46 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2004/08/04 07:56:46 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2004/08/04 07:56:46 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2004/08/04 07:56:46 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2004/08/04 07:56:46 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2004/08/04 07:56:46 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2004/08/04 07:56:44 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS)
SRV - [2004/08/04 07:56:44 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2004/08/04 07:56:44 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2004/08/04 07:56:44 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2004/08/04 07:56:44 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2004/08/04 07:56:44 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2004/08/04 07:56:42 | 000,616,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2004/08/04 07:56:42 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2004/08/04 07:56:42 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2004/08/04 07:56:42 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2004/08/04 06:56:52 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2004/08/04 06:56:48 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2004/08/04 06:56:46 | 000,382,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2004/08/04 06:56:46 | 000,190,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2004/08/04 06:56:46 | 000,170,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2004/08/04 06:56:46 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2003/07/28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2001/08/23 20:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2001/08/23 20:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WacomVKHid)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Boot | Stopped] -- -- (TfSysMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (TfNetMon)
DRV - File not found [Kernel | Boot | Stopped] -- -- (TfFsMon)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Auto | Stopped] -- -- (Secdrv)
DRV - File not found [Kernel | System | Stopped] -- -- (SASKUTIL)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PTSimHid)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PTSimBus)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | System | Stopped] -- -- (aswTdi)
DRV - File not found [Kernel | System | Stopped] -- -- (aswSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (aswRdr)
DRV - File not found [File_System | Auto | Stopped] -- -- (aswMon2)
DRV - File not found [File_System | Auto | Stopped] -- -- (aswFsBlk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - File not found [Kernel | System | Stopped] -- -- (Aavmker4)
DRV - [2010/02/18 17:15:10 | 000,020,016 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2010/01/12 12:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/12/07 23:51:35 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/06 18:29:52 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nocashio.sys -- (nocashio)
DRV - [2009/05/20 11:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/12/30 19:53:30 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/10/06 10:53:24 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008/09/22 16:08:48 | 000,023,552 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2008/08/18 18:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/08/01 11:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 11:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/07/03 17:03:14 | 004,745,216 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/03/27 11:58:19 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2007/10/30 17:25:55 | 000,021,568 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2007/10/30 17:25:54 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2007/10/30 17:25:53 | 000,049,920 | R--- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2007/02/16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/01/17 04:13:53 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2007/01/17 04:13:53 | 000,142,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2007/01/17 04:13:53 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2007/01/17 04:13:53 | 000,080,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2007/01/17 04:13:53 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2007/01/17 04:13:53 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2007/01/17 04:13:53 | 000,035,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2007/01/17 04:13:53 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\modem.sys -- (Modem)
DRV - [2007/01/17 04:13:53 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2007/01/17 04:13:53 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2007/01/17 04:13:53 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2007/01/17 04:13:53 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisip.sys -- (NdisIP)
DRV - [2007/01/17 04:13:53 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2007/01/17 04:13:53 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2007/01/17 04:13:53 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2007/01/17 04:13:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2007/01/17 04:13:53 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2007/01/17 04:07:10 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2007/01/17 04:07:10 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2007/01/17 04:07:10 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2007/01/17 04:07:09 | 000,209,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2007/01/17 04:07:06 | 000,360,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2007/01/17 04:07:01 | 000,332,928 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2007/01/17 04:06:47 | 000,062,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rspndr.sys -- (rspndr)
DRV - [2007/01/17 04:06:45 | 000,139,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2007/01/17 04:06:44 | 000,174,592 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2007/01/17 04:06:31 | 000,105,088 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\mup.sys -- (Mup)
DRV - [2007/01/17 04:06:12 | 000,454,656 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2007/01/17 04:05:50 | 000,136,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2007/01/17 04:05:49 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2007/01/17 04:05:47 | 000,262,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2007/01/17 04:05:46 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/11/22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2006/10/15 23:38:22 | 000,128,768 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr)
DRV - [2006/09/24 21:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/14 14:51:28 | 000,105,344 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/06/14 10:50:20 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2006/06/07 10:34:36 | 010,305,280 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2005/04/14 16:42:00 | 000,141,582 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVCAP.SYS -- (nvcap) nVidia WDM Video Capture (universal)
DRV - [2005/04/14 16:42:00 | 000,016,496 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVXBAR.SYS -- (NVXBAR)
DRV - [2005/03/09 14:53:00 | 000,036,352 | R--- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/04 08:01:08 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2004/08/04 08:01:08 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2004/08/04 06:59:38 | 000,057,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2004/08/04 06:15:54 | 000,064,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2004/08/04 06:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\ntfs.sys -- (Ntfs)
DRV - [2004/08/04 06:14:38 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2004/08/04 06:14:38 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2004/08/04 06:14:32 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2004/08/04 06:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ndis.sys -- (NDIS)
DRV - [2004/08/04 06:14:30 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2004/08/04 06:14:28 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2004/08/04 06:14:24 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2004/08/04 06:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\fastfat.sys -- (Fastfat)
DRV - [2004/08/04 06:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2004/08/04 06:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\cdfs.sys -- (Cdfs)
DRV - [2004/08/04 06:10:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slip.sys -- (SLIP)
DRV - [2004/08/04 06:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\streamip.sys -- (streamip)
DRV - [2004/08/04 06:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2004/08/04 06:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (usbstor)
DRV - [2004/08/04 06:07:48 | 000,119,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2004/08/04 06:07:48 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI)
DRV - [2004/08/04 06:07:38 | 000,187,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2004/08/04 06:07:18 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2004/08/04 06:07:18 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dmio.sys -- (dmio)
DRV - [2004/08/04 06:07:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2004/08/04 06:05:08 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2004/08/04 06:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2004/08/04 06:04:58 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2004/08/04 06:04:46 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2004/08/04 06:04:20 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2004/08/04 06:04:14 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2004/08/04 06:03:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2004/08/04 06:00:58 | 000,181,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2004/08/04 06:00:44 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\npfs.sys -- (Npfs)
DRV - [2004/08/04 06:00:42 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\msfs.sys -- (Msfs)
DRV - [2004/08/04 06:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\udfs.sys -- (Udfs)
DRV - [2004/08/04 06:00:18 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\volsnap.sys -- (VolSnap)
DRV - [2004/08/04 06:00:08 | 000,029,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2004/08/04 05:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk)
DRV - [2004/08/04 05:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2004/08/04 05:59:48 | 000,092,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2004/08/04 05:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004/08/04 05:59:28 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2004/08/04 05:59:28 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2004/08/04 05:59:08 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2004/08/04 05:58:36 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2004/08/04 05:58:34 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2004/08/04 05:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2004/08/04 05:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2004/08/04 05:06:26 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2004/08/04 05:00:48 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2004/08/04 01:01:08 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2004/08/03 23:10:30 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2004/08/03 23:10:22 | 000,019,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2004/08/03 23:10:18 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2004/08/03 23:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2004/08/03 23:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2004/08/03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2004/08/03 22:58:40 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2004/08/03 22:58:34 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2001/08/23 20:00:00 | 000,125,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001/08/23 20:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2001/08/23 20:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2001/08/23 20:00:00 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fips.sys -- (Fips)
DRV - [2001/08/23 20:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001/08/23 20:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001/08/23 20:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\partmgr.sys -- (PartMgr)
DRV - [2001/08/23 20:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001/08/23 20:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2001/08/23 20:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001/08/23 20:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001/08/23 20:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2001/08/23 20:00:00 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001/08/23 20:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2001/08/23 20:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2001/08/23 20:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001/08/23 20:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001/08/23 20:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2001/08/23 20:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001/08/23 20:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001/08/23 20:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pciide.sys -- (PCIIde)
DRV - [2001/08/17 21:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 13:48:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/06/21 21:39:02 | 000,073,728 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2001/06/21 21:39:02 | 000,020,032 | R--- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (Sntnlusb)
DRV - [1998/07/10 04:31:00 | 000,007,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ds1410d.sys -- (DS1410D)
DRV - [1996/04/04 03:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes

IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1572363
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\URLSearchHook: {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Chat\tbooVo.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\S-1-5-21-1801674531-1580818891-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\S-1-5-21-1801674531-1580818891-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "ooVoo Chat Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1572363&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ooVoo Chat Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT1572363&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e5a1e26f-0d1d-4307-868f-fbd9a374ab54}:2.4.0.4
FF - prefs.js..extensions.enabledItems: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08}:1.3.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8
FF - prefs.js..network.proxy.type: 2

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/18 11:07:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/02/12 04:43:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/19 16:27:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/19 16:27:23 | 000,000,000 | ---D | M]

[2010/01/10 09:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\Mozilla\Extensions
[2010/01/10 09:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\kwang\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/03/02 17:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\Mozilla\Firefox\Profiles\lb7kxncq.default\extensions
[2010/02/16 00:50:01 | 000,000,000 | ---D | M] (ooVoo Chat Toolbar) -- C:\Documents and Settings\kwang\Application Data\Mozilla\Firefox\Profiles\lb7kxncq.default\extensions\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}
[2010/01/18 08:34:10 | 000,000,000 | ---D | M] (Sothink SWF Catcher) -- C:\Documents and Settings\kwang\Application Data\Mozilla\Firefox\Profiles\lb7kxncq.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2009/10/06 18:07:30 | 000,000,882 | ---- | M] () -- C:\Documents and Settings\kwang\Application Data\Mozilla\Firefox\Profiles\lb7kxncq.default\searchplugins\conduit.xml
[2010/03/02 17:31:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/19 16:27:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/11/12 03:35:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2008/04/27 23:04:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
[2008/08/29 12:39:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008/12/18 11:07:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2010/02/19 16:27:16 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/02/19 16:27:16 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008/08/06 16:22:02 | 000,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2008/12/18 11:07:22 | 000,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2010/02/19 16:27:19 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/05/10 22:52:34 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/10/28 02:00:00 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/10/28 02:00:00 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/12/22 10:32:20 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/12/22 10:32:20 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/12/22 10:32:20 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/12/22 10:32:20 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/12/22 10:32:20 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/12/22 10:32:20 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/12/22 10:32:20 | 000,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/02/27 21:27:07 | 000,379,550 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13102 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (ooVoo Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Chat\tbooVo.dll (Conduit Ltd.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ooVoo Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files\ooVoo_Chat\tbooVo.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ClamWin] C:\Program Files\ClamWin\bin\ClamTray.exe (alch)
O4 - HKLM..\Run: [Google IME Autoupdater] C:\Program Files\Google\Google Pinyin\GooglePinyinDaemon.exe (Google Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\Run: [] File not found
O4 - HKU\S-1-5-18..\Run: [] File not found
O4 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe (The Eraser Project)
O4 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
O4 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe (Uniblue Software)
O4 - HKLM..\RunOnce: [SpybotSnD] C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1801674531-1580818891-682003330-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\kwang\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\kwang\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/10 14:42:35 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/11/18 14:55:59 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/25 21:24:27 | 000,000,000 | ---D | M] - E:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008/11/18 14:56:00 | 000,000,000 | ---D | M] - E:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/07/18 10:26:14 | 000,000,000 | ---D | M] - L:\Autodesk 3ds Max Design Suite 2009 DVD -- [ NTFS ]
O33 - MountPoints2\{773744c4-ac4c-11dc-a348-0019db2a6b70}\Shell\Auto\command - "" = autoregistry.exe
O33 - MountPoints2\{773744c4-ac4c-11dc-a348-0019db2a6b70}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{773744c4-ac4c-11dc-a348-0019db2a6b70}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\shell32.dll -- [2007/01/17 04:07:00 | 008,458,752 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{8617a184-9880-11de-a594-0019db2a6b70}\Shell\AutoRun\command - "" = ROOT\SYSTEM\MaY.exe
O33 - MountPoints2\{8617a184-9880-11de-a594-0019db2a6b70}\Shell\open\command - "" = ROOT\SYSTEM\MaY.exe
O33 - MountPoints2\{9031a3cb-6697-11dd-a4d2-0019db2a6b70}\Shell\AutoRun\command - "" = I:\o6opnro.bat -- File not found
O33 - MountPoints2\{9031a3cb-6697-11dd-a4d2-0019db2a6b70}\Shell\explore\Command - "" = I:\o6opnro.bat -- File not found
O33 - MountPoints2\{9031a3cb-6697-11dd-a4d2-0019db2a6b70}\Shell\open\Command - "" = I:\o6opnro.bat -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/03 20:01:20 | 000,551,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\kwang\Desktop\OTL.exe
[2010/03/03 19:26:00 | 001,266,056 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\kwang\Desktop\WindowsXP-KB927891-v3-x86-ENU.exe
[2010/03/03 19:22:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Desktop\ProcessExplorer
[2010/03/03 19:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\WTablet
[2010/02/26 12:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2010/02/25 19:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Identities
[2010/02/22 12:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/02/22 12:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/02/22 12:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Real
[2010/02/21 19:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Opera
[2010/02/21 19:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Opera
[2010/02/21 12:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/02/21 09:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/02/21 09:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/19 08:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Desktop\Adobe After Effects CS4
[2010/02/18 17:15:52 | 000,417,792 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010/02/18 17:15:52 | 000,372,736 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010/02/18 17:15:52 | 000,339,968 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010/02/18 17:15:52 | 000,172,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010/02/18 17:15:52 | 000,028,672 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010/02/18 17:15:52 | 000,020,016 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\pxhelp20.sys
[2010/02/16 00:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Application Data\ooVoo Details
[2010/02/16 00:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Local Settings\Application Data\ooVoo_Chat
[2010/02/16 00:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/02/16 00:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Local Settings\Application Data\Conduit
[2010/02/16 00:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\ooVoo_Chat
[2010/02/16 00:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\ooVoo
[2010/02/15 23:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Application Data\Skype
[2010/02/15 23:12:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/02/15 23:12:43 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/02/15 09:58:31 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2010/02/10 08:33:53 | 023,933,757 | ---- | C] (TangoSoft) -- C:\Documents and Settings\kwang\Desktop\Re-Enable v2 Portable.exe
[2010/02/07 11:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Desktop\New Folder
[2010/02/06 00:02:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/02/06 00:02:36 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/02/06 00:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/05 23:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2010/02/05 02:38:03 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/02/05 02:38:03 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/02/04 08:57:42 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/02/04 08:26:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore
[2010/02/04 08:26:13 | 000,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2010/02/04 08:26:13 | 000,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2010/02/04 08:26:13 | 000,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2010/02/04 08:26:13 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2010/02/04 08:26:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/02/04 08:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/02/02 08:54:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Application Data\Malwarebytes
[2010/02/02 08:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/01 21:29:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kwang\Application Data\Defender
[2010/02/01 20:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010/01/22 17:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/28 19:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/12/28 19:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/10/13 07:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2009/10/13 07:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2008/07/01 23:03:17 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/07/01 22:59:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/06/24 09:50:12 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\rsnp2std.dll
[2008/06/24 09:50:12 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/03 20:01:43 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kwang\Desktop\OTL.exe
[2010/03/03 20:01:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/03 20:00:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/03/03 19:55:38 | 020,185,088 | -H-- | M] () -- C:\Documents and Settings\kwang\NTUSER.DAT
[2010/03/03 19:32:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1580818891-682003330-1003UA.job
[2010/03/03 19:26:03 | 001,266,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\kwang\Desktop\WindowsXP-KB927891-v3-x86-ENU.exe
[2010/03/03 19:20:51 | 001,615,732 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\ProcessExplorer.zip
[2010/03/03 19:10:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/03 19:10:00 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/03 19:08:39 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/03 19:07:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/03 19:07:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/03 16:59:17 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\kwang\ntuser.ini
[2010/03/03 05:37:55 | 000,028,089 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe
[2010/03/02 23:35:06 | 000,236,032 | ---- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/01 20:32:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1580818891-682003330-1003Core.job
[2010/03/01 19:18:24 | 001,576,498 | -H-- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\IconCache.db
[2010/03/01 12:14:43 | 000,000,397 | ---- | M] () -- C:\WINDOWS\NJCOM.INI
[2010/02/28 20:47:07 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/27 21:27:07 | 000,379,550 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/02/27 16:01:42 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Spybot - Search & Destroy.lnk
[2010/02/27 11:10:08 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/27 08:05:46 | 000,189,653 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\2ajtjie.png
[2010/02/26 15:47:10 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dluvokg.sys
[2010/02/26 10:08:31 | 000,085,835 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\The_Books_of_Magic_gigatorrent[www.btmon.com].torrent
[2010/02/24 19:41:57 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/02/24 19:41:57 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/02/24 08:55:57 | 000,006,906 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\26666_319941497885_689762885_3595616_6461969_n.jpg
[2010/02/21 20:39:16 | 000,003,038 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\fix_svchost.bat
[2010/02/21 19:56:14 | 000,028,979 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\d20future_BuyDC table01.png
[2010/02/21 12:35:36 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2010/02/20 22:53:43 | 000,001,108 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/20 22:53:43 | 000,000,409 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/20 22:53:43 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/02/20 13:21:55 | 000,096,344 | ---- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/20 12:19:33 | 002,398,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/18 17:21:51 | 000,012,031 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Adobe_Premiere_Pro_2.0_-_by_iskoptrixx.3495280.TPB.torrent
[2010/02/18 17:15:10 | 000,417,792 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010/02/18 17:15:10 | 000,372,736 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010/02/18 17:15:10 | 000,339,968 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010/02/18 17:15:10 | 000,172,032 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010/02/18 17:15:10 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\pxhpinst.exe
[2010/02/18 17:15:10 | 000,028,672 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010/02/18 17:15:10 | 000,020,016 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\pxhelp20.sys
[2010/02/17 20:13:19 | 000,135,439 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Solid_vs_Liquid_comission_by_MaroBot.jpg
[2010/02/14 11:55:28 | 000,000,122 | ---- | M] () -- C:\WINDOWS\kaillera.ini
[2010/02/10 08:37:05 | 023,933,757 | ---- | M] (TangoSoft) -- C:\Documents and Settings\kwang\Desktop\Re-Enable v2 Portable.exe
[2010/02/10 05:48:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TUProgSt_20100209-214843.dmp
[2010/02/06 15:01:34 | 000,013,514 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\d5vIIt
[2010/02/06 00:02:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/05 23:58:06 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf
[2010/02/05 23:32:16 | 000,000,031 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100227-212707.backup
[2010/02/04 11:23:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\NSSstub.job
[2010/02/02 20:58:14 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/02 20:58:14 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/02 08:58:53 | 000,002,020 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\PQyt
[2010/02/02 08:48:18 | 000,012,190 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\4R7Ku
[2010/02/02 08:36:59 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/03 19:20:51 | 001,615,732 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\ProcessExplorer.zip
[2010/03/02 22:57:53 | 000,028,089 | ---- | C] () -- C:\WINDOWS\Sysvxd.exe
[2010/02/27 16:01:42 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\Spybot - Search & Destroy.lnk
[2010/02/27 08:05:45 | 000,189,653 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\2ajtjie.png
[2010/02/26 15:47:10 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\dluvokg.sys
[2010/02/26 10:08:27 | 000,085,835 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\The_Books_of_Magic_gigatorrent[www.btmon.com].torrent
[2010/02/24 08:55:54 | 000,006,906 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\26666_319941497885_689762885_3595616_6461969_n.jpg
[2010/02/21 20:39:15 | 000,003,038 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\fix_svchost.bat
[2010/02/21 19:56:12 | 000,028,979 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\d20future_BuyDC table01.png
[2010/02/18 17:21:51 | 000,012,031 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\Adobe_Premiere_Pro_2.0_-_by_iskoptrixx.3495280.TPB.torrent
[2010/02/18 17:15:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe
[2010/02/17 20:13:15 | 000,135,439 | ---- | C] () -- C:\Documents and Settings\kwang\Desktop\Solid_vs_Liquid_comission_by_MaroBot.jpg
[2010/02/14 11:55:28 | 000,000,122 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2010/02/10 05:48:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\TUProgSt_20100209-214843.dmp
[2010/02/06 18:59:24 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/06 18:59:24 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/06 00:02:43 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/05 23:58:06 | 000,000,042 | ---- | C] () -- C:\WINDOWS\System32\scud.udf
[2010/02/05 18:01:12 | 000,013,514 | -HS- | C] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\d5vIIt
[2010/02/02 08:55:23 | 000,002,020 | -HS- | C] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\PQyt
[2010/02/02 02:51:59 | 000,012,190 | -HS- | C] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\4R7Ku
[2009/12/03 10:00:21 | 000,045,132 | ---- | C] () -- C:\Documents and Settings\kwang\Application Data\JuniperExtXP.exe
[2009/11/23 22:38:09 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/11/23 22:38:08 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/11/23 22:38:06 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/11/23 22:38:06 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/11/23 22:38:06 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/11/23 22:38:04 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/11/23 22:38:04 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/07/06 18:29:52 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\nocashio.sys
[2009/04/22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/02/21 15:44:20 | 000,002,237 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/02/12 04:42:37 | 003,923,480 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/01/01 11:29:59 | 000,000,164 | ---- | C] () -- C:\WINDOWS\System32\psconv.ini
[2009/01/01 03:34:54 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfmonnt.dll
[2008/12/31 21:58:09 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Kpcms.ini
[2008/12/31 21:57:55 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2008/12/31 13:31:44 | 000,000,676 | ---- | C] () -- C:\WINDOWS\H2_Setup.INI
[2008/12/30 19:53:29 | 000,715,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008/12/30 00:35:33 | 000,000,066 | ---- | C] () -- C:\WINDOWS\drD3D.ini
[2008/12/23 22:34:53 | 000,000,397 | ---- | C] () -- C:\WINDOWS\NJCOM.INI
[2008/12/04 19:48:35 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008/11/30 11:52:36 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/08/09 00:39:20 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008/06/24 09:50:13 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2008/06/24 09:50:12 | 010,305,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2008/06/24 09:50:12 | 000,024,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2008/04/14 15:15:03 | 000,000,231 | ---- | C] () -- C:\WINDOWS\System32\3dsmax.ini
[2008/04/14 15:15:03 | 000,000,043 | ---- | C] () -- C:\WINDOWS\System32\InstallSettings.ini
[2008/03/27 11:58:19 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2008/03/27 11:58:09 | 000,007,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\ds1410d.sys
[2007/08/19 00:07:14 | 003,064,832 | ---- | C] () -- C:\WINDOWS\System32\Irrlicht.dll
[2007/08/17 01:55:39 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/08/12 19:30:54 | 000,236,032 | ---- | C] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/10 15:20:16 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2007/08/10 14:48:16 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/08/10 14:39:46 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2007/08/10 14:38:20 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2007/08/10 14:38:20 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/04/24 19:31:12 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\ucinst32.dll
[2004/08/04 07:56:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/10/28 02:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\prnmnt.dll
[1996/04/04 03:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 169 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF61CE5A
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C2FF2B0A
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
[2010/03/03 20:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\Azureus
[2010/03/03 20:01:43 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kwang\Desktop\OTL.exe
[2010/03/03 20:01:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/03 20:00:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/03/03 19:55:38 | 020,185,088 | -H-- | M] () -- C:\Documents and Settings\kwang\NTUSER.DAT
[2010/03/03 19:32:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1580818891-682003330-1003UA.job
[2010/03/03 19:26:03 | 001,266,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\kwang\Desktop\WindowsXP-KB927891-v3-x86-ENU.exe
[2010/03/03 19:20:51 | 001,615,732 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\ProcessExplorer.zip
[2010/03/03 19:10:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/03 19:10:00 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/03 19:08:39 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/03 19:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\WTablet
[2010/03/03 19:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2010/03/03 19:07:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/03 19:07:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/03 16:59:17 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\kwang\ntuser.ini
[2010/03/03 16:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Local Settings\Application Data\Eraser
[2010/03/03 08:34:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/03/03 05:37:55 | 000,028,089 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe
[2010/03/02 23:35:06 | 000,236,032 | ---- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/01 20:32:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1580818891-682003330-1003Core.job
[2010/03/01 19:18:24 | 001,576,498 | -H-- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\IconCache.db
[2010/03/01 12:14:43 | 000,000,397 | ---- | M] () -- C:\WINDOWS\NJCOM.INI
[2010/02/28 20:47:07 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/27 23:33:13 | 000,000,000 | ---D | M] -- C:\Program Files\PaintTool SAI English Pack
[2010/02/27 21:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/02/27 21:27:07 | 000,379,550 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/02/27 20:52:36 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2010/02/27 16:01:42 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Spybot - Search & Destroy.lnk
[2010/02/27 11:10:08 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/27 08:05:46 | 000,189,653 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\2ajtjie.png
[2010/02/26 20:22:57 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/02/26 20:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/02/26 20:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2010/02/26 15:47:10 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dluvokg.sys
[2010/02/26 12:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2010/02/26 10:08:31 | 000,085,835 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\The_Books_of_Magic_gigatorrent[www.btmon.com].torrent
[2010/02/25 19:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Identities
[2010/02/25 11:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Local Settings\Application Data\Temp
[2010/02/24 19:41:57 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/02/24 19:41:57 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/02/24 08:55:57 | 000,006,906 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\26666_319941497885_689762885_3595616_6461969_n.jpg
[2010/02/22 12:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2010/02/22 12:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/02/22 12:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Real
[2010/02/21 20:39:16 | 000,003,038 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\fix_svchost.bat
[2010/02/21 19:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Opera
[2010/02/21 19:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Opera
[2010/02/21 19:56:14 | 000,028,979 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\d20future_BuyDC table01.png
[2010/02/21 12:35:36 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2010/02/21 09:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/02/21 09:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/20 22:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\Skype
[2010/02/20 22:53:43 | 000,001,108 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/20 22:53:43 | 000,000,409 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/20 22:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\skypePM
[2010/02/20 13:21:55 | 000,096,344 | ---- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/20 12:20:30 | 000,096,344 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/20 12:19:33 | 002,398,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/18 17:21:51 | 000,012,031 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Adobe_Premiere_Pro_2.0_-_by_iskoptrixx.3495280.TPB.torrent
[2010/02/18 17:15:10 | 000,417,792 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010/02/18 17:15:10 | 000,372,736 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010/02/18 17:15:10 | 000,339,968 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010/02/18 17:15:10 | 000,172,032 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010/02/18 17:15:10 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\pxhpinst.exe
[2010/02/18 17:15:10 | 000,028,672 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010/02/18 17:15:10 | 000,020,016 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\pxhelp20.sys
[2010/02/17 20:13:19 | 000,135,439 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Solid_vs_Liquid_comission_by_MaroBot.jpg
[2010/02/16 00:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\ooVoo Details
[2010/02/16 00:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\ooVoo
[2010/02/16 00:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\ooVoo_Chat
[2010/02/16 00:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Local Settings\Application Data\ooVoo_Chat
[2010/02/16 00:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2010/02/16 00:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Local Settings\Application Data\Conduit
[2010/02/16 00:49:51 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/02/15 23:12:48 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/02/15 23:12:48 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files\Skype
[2010/02/15 23:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/02/14 11:55:28 | 000,000,122 | ---- | M] () -- C:\WINDOWS\kaillera.ini
[2010/02/12 05:19:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Local Settings\Application Data\PMB Files
[2010/02/10 08:37:05 | 023,933,757 | ---- | M] (TangoSoft) -- C:\Documents and Settings\kwang\Desktop\Re-Enable v2 Portable.exe
[2010/02/10 05:48:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TUProgSt_20100209-214843.dmp
[2010/02/10 03:34:31 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze
[2010/02/08 23:54:08 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/02/07 18:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\foobar2000
[2010/02/06 15:35:29 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/06 15:01:34 | 000,013,514 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\d5vIIt
[2010/02/06 00:02:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/05 23:58:06 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf
[2010/02/05 23:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Local Settings\Application Data\Microsoft
[2010/02/05 23:50:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/02/05 23:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\HPAppData
[2010/02/05 23:32:16 | 000,000,031 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100227-212707.backup
[2010/02/05 23:31:57 | 000,000,000 | ---D | M] -- C:\Program Files\Enigma Software Group
[2010/02/04 11:23:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\NSSstub.job
[2010/02/04 09:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/02/04 08:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/02/02 20:58:14 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/02 20:58:14 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/02 16:59:29 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2010/02/02 08:58:53 | 000,002,020 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\PQyt
[2010/02/02 08:54:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\Malwarebytes
[2010/02/02 08:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/02/02 08:48:18 | 000,012,190 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\4R7Ku
[2010/02/02 08:36:59 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/02/02 03:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kwang\Application Data\Defender
[2010/02/01 20:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/02/01 20:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010/01/22 17:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/01/20 08:54:14 | 003,923,480 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/12/28 19:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009/12/28 19:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/12/03 10:00:21 | 000,045,132 | ---- | M] () -- C:\Documents and Settings\kwang\Application Data\JuniperExtXP.exe
[2009/10/13 07:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2009/10/13 07:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2009/07/18 10:05:44 | 000,002,237 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008/07/01 23:03:17 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008/07/01 22:59:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/07/01 21:25:11 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2007/08/10 22:14:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\kwang\Application Data\desktop.ini
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/03/03 20:01:43 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\kwang\Desktop\OTL.exe
[2010/03/03 20:01:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/03 20:00:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/03/03 19:55:38 | 020,185,088 | -H-- | M] () -- C:\Documents and Settings\kwang\NTUSER.DAT
[2010/03/03 19:32:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1580818891-682003330-1003UA.job
[2010/03/03 19:26:03 | 001,266,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\kwang\Desktop\WindowsXP-KB927891-v3-x86-ENU.exe
[2010/03/03 19:20:51 | 001,615,732 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\ProcessExplorer.zip
[2010/03/03 19:10:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/03 19:10:00 | 000,267,725 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/03/03 19:08:39 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/03 19:07:58 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/03 19:07:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/03 16:59:17 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\kwang\ntuser.ini
[2010/03/03 05:37:55 | 000,028,089 | ---- | M] () -- C:\WINDOWS\Sysvxd.exe
[2010/03/02 23:35:06 | 000,236,032 | ---- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/01 20:32:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-1580818891-682003330-1003Core.job
[2010/03/01 19:18:24 | 001,576,498 | -H-- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\IconCache.db
[2010/03/01 12:14:43 | 000,000,397 | ---- | M] () -- C:\WINDOWS\NJCOM.INI
[2010/02/28 20:47:07 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/27 21:27:07 | 000,379,550 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/02/27 16:01:42 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Spybot - Search & Destroy.lnk
[2010/02/27 11:10:08 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/27 08:05:46 | 000,189,653 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\2ajtjie.png
[2010/02/26 15:47:10 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dluvokg.sys
[2010/02/26 10:08:31 | 000,085,835 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\The_Books_of_Magic_gigatorrent[www.btmon.com].torrent
[2010/02/24 19:41:57 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/02/24 19:41:57 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/02/24 08:55:57 | 000,006,906 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\26666_319941497885_689762885_3595616_6461969_n.jpg
[2010/02/21 20:39:16 | 000,003,038 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\fix_svchost.bat
[2010/02/21 19:56:14 | 000,028,979 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\d20future_BuyDC table01.png
[2010/02/21 12:35:36 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2010/02/20 22:53:43 | 000,001,108 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/20 22:53:43 | 000,000,409 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/02/20 22:53:43 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/02/20 13:21:55 | 000,096,344 | ---- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/20 12:19:33 | 002,398,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/18 17:21:51 | 000,012,031 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Adobe_Premiere_Pro_2.0_-_by_iskoptrixx.3495280.TPB.torrent
[2010/02/18 17:15:10 | 000,417,792 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010/02/18 17:15:10 | 000,372,736 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010/02/18 17:15:10 | 000,339,968 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010/02/18 17:15:10 | 000,172,032 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010/02/18 17:15:10 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\pxhpinst.exe
[2010/02/18 17:15:10 | 000,028,672 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010/02/18 17:15:10 | 000,020,016 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\pxhelp20.sys
[2010/02/17 20:13:19 | 000,135,439 | ---- | M] () -- C:\Documents and Settings\kwang\Desktop\Solid_vs_Liquid_comission_by_MaroBot.jpg
[2010/02/14 11:55:28 | 000,000,122 | ---- | M] () -- C:\WINDOWS\kaillera.ini
[2010/02/10 08:37:05 | 023,933,757 | ---- | M] (TangoSoft) -- C:\Documents and Settings\kwang\Desktop\Re-Enable v2 Portable.exe
[2010/02/10 05:48:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TUProgSt_20100209-214843.dmp
[2010/02/06 15:01:34 | 000,013,514 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\d5vIIt
[2010/02/06 00:02:43 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/05 23:58:06 | 000,000,042 | ---- | M] () -- C:\WINDOWS\System32\scud.udf
[2010/02/05 23:32:16 | 000,000,031 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100227-212707.backup
[2010/02/04 11:23:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\NSSstub.job
[2010/02/02 20:58:14 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/02/02 20:58:14 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/02/02 08:58:53 | 000,002,020 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\PQyt
[2010/02/02 08:48:18 | 000,012,190 | -HS- | M] () -- C:\Documents and Settings\kwang\Local Settings\Application Data\4R7Ku
[2010/02/02 08:36:59 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 169 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8B8CEBD
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF61CE5A
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C2FF2B0A
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8

< End of report >

----------------------------------------------------------------------------


Anyways, is there solution to safely resolve this matter, as in removing/fixing the svchost thing?

BC AdBot (Login to Remove)

 


#2 Xwenn

Xwenn
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 03 March 2010 - 07:56 AM

P.S. I really, really appreciate the help..if you do help out course..

===========

Hello

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our MRT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the MRT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

Thank you for understanding.

Orange Blossom ~ forum moderator

Edited by Orange Blossom, 03 March 2010 - 07:05 PM.


#3 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:12:38 AM

Posted 07 March 2010 - 04:59 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE



Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#4 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:12:38 AM

Posted 12 March 2010 - 12:02 PM

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users